{"id":19508933,"url":"https://github.com/rhythmictech/terraform-aws-cis-cloudwatch-monitors","last_synced_at":"2025-04-26T03:31:48.823Z","repository":{"id":47774474,"uuid":"189878144","full_name":"rhythmictech/terraform-aws-cis-cloudwatch-monitors","owner":"rhythmictech","description":"Creates CloudWatch metric filters and alerts as required by the CIS AWS Benchmark","archived":false,"fork":false,"pushed_at":"2021-08-13T13:59:21.000Z","size":38,"stargazers_count":8,"open_issues_count":1,"forks_count":3,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-04T07:11:26.415Z","etag":null,"topics":["aws","cloudwatch","terraform","terraform-module","terraform-modules"],"latest_commit_sha":null,"homepage":"https://registry.terraform.io/modules/rhythmictech/cloudwatch-monitors/cis","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rhythmictech.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null}},"created_at":"2019-06-02T17:56:07.000Z","updated_at":"2023-05-06T06:44:17.000Z","dependencies_parsed_at":"2022-08-26T14:11:14.996Z","dependency_job_id":null,"html_url":"https://github.com/rhythmictech/terraform-aws-cis-cloudwatch-monitors","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-cis-cloudwatch-monitors","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-cis-cloudwatch-monitors/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-cis-cloudwatch-monitors/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fterraform-aws-cis-cloudwatch-monitors/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rhythmictech","download_url":"https://codeload.github.com/rhythmictech/terraform-aws-cis-cloudwatch-monitors/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250926819,"owners_count":21509044,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cloudwatch","terraform","terraform-module","terraform-modules"],"created_at":"2024-11-10T23:10:24.964Z","updated_at":"2025-04-26T03:31:48.562Z","avatar_url":"https://github.com/rhythmictech.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# terraform-aws-cis-cloudwatch-monitors\n\n[![](https://github.com/rhythmictech/terraform-aws-cis-cloudwatch-monitors/workflows/check/badge.svg)](https://github.com/rhythmictech/terraform-aws-cis-cloudwatch-monitors/actions)\n\nCreates CloudWatch metric filters and alerts as required by the CIS AWS Benchmark.\n\nThis module assumes that all of your CloudTrail logs (from all regions) are routing into a single CloudWatch log group specified in `log_group`. Use the `name_prefix` var if you\nneed to create this module for additional log groups.\n\n\u003c!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n## Requirements\n\n| Name | Version |\n|------|---------|\n| terraform | \u003e= 0.13 |\n| aws | \u003e= 2.63.0 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| aws | \u003e= 2.63.0 |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| log\\_group | Name of CloudWatch Log Group to look for CloudTrail alerts in. | `string` | n/a | yes |\n| notification\\_arn | ARN of SNS topic to route notifications to. | `string` | n/a | yes |\n| alarm\\_threshold\\_aws\\_config\\_change | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_cloudtrail\\_config\\_change | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_console\\_access\\_without\\_mfa | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_disable\\_or\\_delete\\_cmk | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_failed\\_console\\_login | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_iam\\_policy\\_change | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_nacl\\_change | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_network\\_gateway\\_change | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_root\\_access | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_root\\_account\\_usage | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_route\\_table\\_change | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_s3\\_bucket\\_policy\\_change | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_security\\_group\\_change | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_unauthorized\\_cloudtrail\\_calls | The value against which the specified statistic is compared. | `number` | `1` | no |\n| alarm\\_threshold\\_vpc\\_change | The value against which the specified statistic is compared. | `number` | `1` | no |\n| core\\_alarms\\_only | Set to true to only get the core/important alarms | `bool` | `false` | no |\n| datapoints\\_to\\_alarm\\_aws\\_config\\_change | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_cloudtrail\\_config\\_change | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_console\\_access\\_without\\_mfa | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_disable\\_or\\_delete\\_cmk | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_failed\\_console\\_login | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_iam\\_policy\\_change | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_nacl\\_change | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_network\\_gateway\\_change | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_root\\_access | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_root\\_account\\_usage | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_route\\_table\\_change | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_s3\\_bucket\\_policy\\_change | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_security\\_group\\_change | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_unauthorized\\_cloudtrail\\_calls | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| datapoints\\_to\\_alarm\\_vpc\\_change | (Optional) The number of datapoints that must be breaching to trigger the alarm. | `number` | `null` | no |\n| default\\_period | Period (in seconds) over which to look for threshold events. | `number` | `300` | no |\n| metric\\_namespace | Namespace to define all metrics in. | `string` | `\"cis-cloudwatch-metrics\"` | no |\n| name\\_prefix | Prefix for all metric filters, metrics and alarms. This is not required but may be useful if you need to create this module multiple times for different log groups. | `string` | `\"\"` | no |\n| tags | Tags to apply to supported resources. | `map(string)` | `{}` | no |\n\n## Outputs\n\nNo output.\n\n\u003c!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frhythmictech%2Fterraform-aws-cis-cloudwatch-monitors","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frhythmictech%2Fterraform-aws-cis-cloudwatch-monitors","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frhythmictech%2Fterraform-aws-cis-cloudwatch-monitors/lists"}