diff --git a/cloudtrail.tf b/cloudtrail.tf
index 7d99165..b52bf4f 100644
--- a/cloudtrail.tf
+++ b/cloudtrail.tf
@@ -11,4 +11,20 @@ resource "aws_cloudtrail" "additional_auditing_trail" {
   s3_bucket_name = var.additional_auditing_trail.bucket
   kms_key_id     = var.additional_auditing_trail.kms_key_id
   tags           = var.tags
+
+  event_selector {
+    dynamic "data_resource" {
+      for_each = var.additional_auditing_trail.event_selector.data_resource != null ? { create = true } : {}
+
+      content {
+        type   = var.additional_auditing_trail.event_selector.data_resource.type
+        values = var.additional_auditing_trail.event_selector.data_resource.values
+      }
+
+    }
+
+    include_management_events        = var.additional_auditing_trail.event_selector.include_management_events
+    exclude_management_event_sources = var.additional_auditing_trail.event_selector.exclude_management_event_sources
+    read_write_type                  = var.additional_auditing_trail.event_selector.read_write_type
+  }
 }
diff --git a/examples/basic/main.tf b/examples/basic/main.tf
index 3f33bca..9efb386 100644
--- a/examples/basic/main.tf
+++ b/examples/basic/main.tf
@@ -32,7 +32,9 @@ provider "datadog" {
 }
 
 provider "mcaf" {
-  aws {}
+  aws {
+    region = "eu-west-1"
+  }
 }
 
 module "landing_zone" {
diff --git a/variables.tf b/variables.tf
index cd6442f..b69d7a3 100644
--- a/variables.tf
+++ b/variables.tf
@@ -3,8 +3,16 @@ variable "additional_auditing_trail" {
     name       = string
     bucket     = string
     kms_key_id = string
+    event_selector = optional(object({
+      data_resource = optional(object({
+        type   = string
+        values = list(string)
+      }))
+      exclude_management_event_sources = optional(set(string), null)
+      include_management_events        = optional(bool, true)
+      read_write_type                  = optional(string, "All")
+    }))
   })
-  default = null
   description = "CloudTrail configuration for additional auditing trail"
 }
 
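Review bot: Every reference in the new `event_selector` block dereferences `var.additional_auditing_trail.event_selector` unconditionally, but the variables.tf hunk declares that attribute as `optional(object({...}))` with no default, so a caller who sets the trail without an `event_selector` gets a null object and the `for_each` on `data_resource`, plus the three attribute lines below it, fail at plan time with an attempt to read an attribute from a null value. The smallest fix is in variables.tf: give the nested object an empty default so the inner defaults (`include_management_events = true`, `read_write_type = "All"`) are applied, i.e. change the closing `}))` of `event_selector` to `}), {})`; alternatively guard each reference here with `try(..., default)`. Because `include_management_events` and `read_write_type` default to the values CloudTrail uses without an explicit selector, that default keeps existing trails' coverage unchanged, whereas the current shape forces every caller to change. Also consider a comment on `exclude_management_event_sources` noting that any source listed there is dropped from the trail's management-event record, so reviewers of a module call can see it narrows audit coverage. The resource header is outside this hunk, so whether the resource is itself conditional on the variable is not visible here.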
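Review bot: Dropping `default = null` in variables.tf turns `additional_auditing_trail` from an optional input into a required one, which is a breaking change for every caller that previously relied on the null default to skip the additional trail; the hunk gives no replacement default. If the intent was only to make the new nested attributes optional, `default = null` should stay, since `optional()` on the object attributes already handles the missing-attribute case. If the intent really is to require the trail, the description should say so and the change should be called out in the changelog; the resource that consumes this variable is in cloudtrail.tf, outside this hunk, so I cannot confirm how it behaves without a default. Minor: `optional(set(string), null)` on `exclude_management_event_sources` is equivalent to `optional(set(string))`, and dropping the explicit null keeps it consistent with `data_resource` just above it.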