Skip to content

Commit

Permalink
Add option to provide event_selector for CloudTrail
Browse files Browse the repository at this point in the history
  • Loading branch information
sbkg0002 committed Nov 3, 2023
1 parent eb590f1 commit a13b14a
Show file tree
Hide file tree
Showing 3 changed files with 36 additions and 2 deletions.
10 changes: 10 additions & 0 deletions cloudtrail.tf
Original file line number Diff line number Diff line change
Expand Up @@ -11,4 +11,14 @@ resource "aws_cloudtrail" "additional_auditing_trail" {
s3_bucket_name = var.additional_auditing_trail.bucket
kms_key_id = var.additional_auditing_trail.kms_key_id
tags = var.tags

event_selector {
data_resource {
type = var.additional_auditing_trail.event_selector.data_resource.type
values = var.additional_auditing_trail.event_selector.data_resource.values
}
include_management_events = var.additional_auditing_trail.event_selector.include_management_events
exclude_management_event_sources = var.additional_auditing_trail.event_selector.exclude_management_event_sources
read_write_type = var.additional_auditing_trail.event_selector.read_write_type
}
}
4 changes: 3 additions & 1 deletion examples/basic/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,9 @@ provider "datadog" {
}

provider "mcaf" {
aws {}
aws {
region = "eu-west-1"
}
}

module "landing_zone" {
Expand Down
24 changes: 23 additions & 1 deletion variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,30 @@ variable "additional_auditing_trail" {
name = string
bucket = string
kms_key_id = string
event_selector = object({
data_resource = optional(object({
type = optional(string)
values = optional(list(string))
}))
exclude_management_event_sources = optional(set(string), null)
include_management_events = optional(bool, true)
read_write_type = optional(string, "All")
})
})
default = null
default = {
name = null
bucket = null
kms_key_id = null
event_selector = {
data_resource = {
type = null
values = []
}
exclude_management_event_sources = null
include_management_events = true
read_write_type = null
}
}
description = "CloudTrail configuration for additional auditing trail"
}

Expand Down

0 comments on commit a13b14a

Please sign in to comment.