make a varible for event_ignore_list

clouddrove · Sep 7, 2021 · d5f67b6 · d5f67b6
1 parent 9e5b9a3
commit d5f67b6
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 16 deletions.
diff --git a/main.tf b/main.tf
@@ -16,10 +16,10 @@ module "cloudtrail" {
   key_deletion_window_in_days       = var.key_deletion_window_in_days
   cloudwatch_logs_retention_in_days = var.cloudwatch_logs_retention_in_days
   cloudwatch_logs_group_name        = var.cloudwatch_logs_group_name
-  EVENT_IGNORE_LIST                 = var.event_ignore_list
-  EVENT_ALERT_LIST                  = var.event_alert_list
-  USER_IGNORE_LIST                  = var.user_ignore_list
-  SOURCE_LIST                       = var.source_list
+  EVENT_IGNORE_LIST                 = var.EVENT_IGNORE_LIST
+  EVENT_ALERT_LIST                  = var.EVENT_ALERT_LIST
+  USER_IGNORE_LIST                  = var.USER_IGNORE_LIST
+  SOURCE_LIST                       = var.SOURCE_LIST
   s3_bucket_name                    = var.cloudtrail_bucket_name
   slack_webhook                     = var.slack_webhook
   slack_channel                     = var.slack_channel

diff --git a/variables.tf b/variables.tf
@@ -468,26 +468,26 @@ variable "schedule_expression" {
   description = "AWS Schedule Expression: https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html"
 }
 
-variable "event_ignore_list" {
+variable "EVENT_IGNORE_LIST" {
   type        = string
-  default     = jsonencode(["^Describe*", "^Assume*", "^List*", "^Get*", "^Decrypt*", "^Lookup*", "^BatchGet*", "^CreateLogStream$", "^RenewRole$", "^REST.GET.OBJECT_LOCK_CONFIGURATION$", "TestEventPattern", "TestScheduleExpression", "CreateNetworkInterface", "ValidateTemplate", "GitPull", "PutInventory", "BatchCheckLayerAvailability", "UploadLayerPart", "DeregisterImage", "DeleteSnapshot", "DeleteDBSnapshot", "ModifyDBInstance", "StartBuild", "RetireGrant", "InitiateLayerUpload", "CompleteLayerUpload", "PutImage", "PolicyExecutionEvent", "GetDownloadUrlForLayer", "CreateRepository", ])
-  description = ""
+  default     = ""
+  description = "Event List which event is ignore."
 }
 
-variable "event_alert_list" {
+variable "EVENT_ALERT_LIST" {
   type        = string
-  default     = jsonencode(["DetachRolePolicy", "ConsoleLogin"])
-  description = ""
+  default     = ""
+  description = "Event List which event is not ignore."
 }
 
-variable "user_ignore_list" {
+variable "USER_IGNORE_LIST" {
   type        = string
-  default     = jsonencode(["^awslambda_*", "^aws-batch$", "^bamboo*", "^i-*", "^[0-9]*$", "^ecs-service-scheduler$", "^AutoScaling$", "^AWSCloudFormation$", "^CloudTrailBot$", "^SLRManagement$"])
-  description = ""
+  default     = ""
+  description = "User List which event is ignore."
 }
 
-variable "source_list" {
+variable "SOURCE_LIST" {
   type        = string
-  default     = ["aws-sdk-go"]
-  description = ""
+  default     = ""
+  description = "Event Source List which event is ignore."
 }