2118 au 05 audit process migrate logs to s3 buckets (#2214)

* Revert name of CloudTrail bucket. * Remove ownership and public access resources. * Add SourceArn and remove prefix from policy file. * Additional CloudTrail-related fixes.
cisagov · Sep 6, 2023 · dab8e93 · dab8e93
1 parent ca8182e
commit dab8e93
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/infrastructure/stage.tfvars b/infrastructure/stage.tfvars
@@ -42,9 +42,9 @@ worker_ecs_task_definition_family = "crossfeed-staging-worker"
 worker_ecs_log_group_name         = "crossfeed-staging-worker"
 worker_ecs_role_name              = "crossfeed-staging-worker"
 logging_bucket_name               = "cisa-crossfeed-staging-logging"
-cloudtrail_bucket_name            = "cisa-crossfeed-staging-cloudtrails"
-cloudtrail_role_name              = "cisa-crossfeed-staging-cloudtrails"
-cloudtrail_log_group_name         = "cisa-crossfeed-staging-cloudtrails"
+cloudtrail_bucket_name            = "cisa-crossfeed-staging-cloudtrail"
+cloudtrail_role_name              = "cisa-crossfeed-staging-cloudtrail"
+cloudtrail_log_group_name         = "cisa-crossfeed-staging-cloudtrail"
 export_bucket_name                = "cisa-crossfeed-staging-exports"
 reports_bucket_name               = "cisa-crossfeed-staging-reports"
 pe_db_backups_bucket_name         = "cisa-crossfeed-staging-pe-db-backups"

diff --git a/infrastructure/vars.tf b/infrastructure/vars.tf
@@ -265,19 +265,19 @@ variable "logging_bucket_name" {
 variable "cloudtrail_bucket_name" {
   description = "cloudtrail_bucket_name"
   type        = string
-  default     = "cisa-crossfeed-staging-cloudtrails"
+  default     = "cisa-crossfeed-staging-cloudtrail"
 }
 
 variable "cloudtrail_role_name" {
   description = "cloudtrail_role_name"
   type        = string
-  default     = "crossfeed-staging-cloudtrails-role"
+  default     = "crossfeed-staging-cloudtrail-role"
 }
 
 variable "cloudtrail_log_group_name" {
   description = "cloudtrail_log_group_name"
   type        = string
-  default     = "crossfeed-staging-cloudtrails-logs"
+  default     = "crossfeed-staging-cloudtrail-logs"
 }
 
 variable "export_bucket_name" {