{"id":26959330,"url":"https://github.com/tmknom/terraform-aws-cloudtrail","last_synced_at":"2025-04-03T04:37:32.220Z","repository":{"id":49827808,"uuid":"149059803","full_name":"tmknom/terraform-aws-cloudtrail","owner":"tmknom","description":" Terraform module which creates CloudTrail resources on AWS.","archived":false,"fork":false,"pushed_at":"2023-07-04T13:09:47.000Z","size":80,"stargazers_count":2,"open_issues_count":1,"forks_count":11,"subscribers_count":4,"default_branch":"master","last_synced_at":"2023-08-15T19:38:06.302Z","etag":null,"topics":["aws","cloudtrail","terraform","terraform-module"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tmknom.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-09-17T02:47:07.000Z","updated_at":"2023-03-22T13:06:02.000Z","dependencies_parsed_at":"2022-08-25T16:40:25.217Z","dependency_job_id":null,"html_url":"https://github.com/tmknom/terraform-aws-cloudtrail","commit_stats":null,"previous_names":[],"tags_count":3,"template":null,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tmknom%2Fterraform-aws-cloudtrail","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tmknom%2Fterraform-aws-cloudtrail/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tmknom%2Fterraform-aws-cloudtrail/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tmknom%2Fterraform-aws-cloudtrail/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tmknom","download_url":"https://codeload.github.com/tmknom/terraform-aws-cloudtrail/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246939173,"owners_count":20857916,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cloudtrail","terraform","terraform-module"],"created_at":"2025-04-03T04:37:31.693Z","updated_at":"2025-04-03T04:37:32.209Z","avatar_url":"https://github.com/tmknom.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# terraform-aws-cloudtrail\n\n[![CircleCI](https://circleci.com/gh/tmknom/terraform-aws-cloudtrail.svg?style=svg)](https://circleci.com/gh/tmknom/terraform-aws-cloudtrail)\n[![GitHub tag](https://img.shields.io/github/tag/tmknom/terraform-aws-cloudtrail.svg)](https://registry.terraform.io/modules/tmknom/cloudtrail/aws)\n[![License](https://img.shields.io/github/license/tmknom/terraform-aws-cloudtrail.svg)](https://opensource.org/licenses/Apache-2.0)\n\nTerraform module which creates CloudTrail resources on AWS.\n\n## Description\n\nProvision [CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html).\nThis module provides recommended settings.\n\n- Enable for all AWS regions\n- Logging for global services such as IAM, STS and CloudFront\n- Enable log file integrity validation\n\n## Usage\n\n### Minimal\n\n```hcl\nmodule \"cloudtrail\" {\n  source         = \"git::https://github.com/tmknom/terraform-aws-cloudtrail.git?ref=tags/1.2.0\"\n  name           = \"default-trail\"\n  s3_bucket_name = \"cloudtrail-bucket\"\n}\n```\n\n### Complete\n\n```hcl\nmodule \"cloudtrail\" {\n  source         = \"git::https://github.com/tmknom/terraform-aws-cloudtrail.git?ref=tags/1.2.0\"\n  name           = \"default-trail\"\n  s3_bucket_name = \"cloudtrail-bucket\"\n\n  enable_logging                = false\n  is_multi_region_trail         = false\n  include_global_service_events = false\n  enable_log_file_validation    = false\n\n  cloud_watch_logs_role_arn  = \"${module.iam_role.iam_role_arn}\"\n  cloud_watch_logs_group_arn = \"${aws_cloudwatch_log_group.complete.arn}\"\n\n  tags = {\n    Environment = \"prod\"\n    Name        = \"default-trail\"\n  }\n}\n\nresource \"aws_cloudwatch_log_group\" \"complete\" {\n  name = \"CloudTrail/logs\"\n}\n\nmodule \"iam_role\" {\n  source             = \"git::https://github.com/tmknom/terraform-aws-iam-role.git?ref=tags/1.2.0\"\n  name               = \"sending-cloudwatch-logs-for-cloudtrail\"\n  assume_role_policy = \"${data.aws_iam_policy_document.assume_role_policy.json}\"\n  policy             = \"${data.aws_iam_policy_document.policy.json}\"\n  description        = \"Send log events to CloudWatch Logs from CloudTrail\"\n}\n\n# Omitted below.\n```\n\n## Examples\n\n- [Minimal](https://github.com/tmknom/terraform-aws-cloudtrail/tree/master/examples/minimal)\n- [Complete](https://github.com/tmknom/terraform-aws-cloudtrail/tree/master/examples/complete)\n\n## Inputs\n\n| Name                          | Description                                                                                         |  Type  | Default | Required |\n| ----------------------------- | --------------------------------------------------------------------------------------------------- | :----: | :-----: | :------: |\n| name                          | Specifies the name of the trail.                                                                    | string |    -    |   yes    |\n| s3_bucket_name                | Specifies the name of the S3 bucket designated for publishing log files.                            | string |    -    |   yes    |\n| cloud_watch_logs_group_arn    | Specifies a log group name using an Amazon Resource Name (ARN).                                     | string | `` | no |\n| cloud_watch_logs_role_arn     | Specifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group.       | string | `` | no |\n| enable_log_file_validation    | Specifies whether log file integrity validation is enabled.                                         | string | `true`  |    no    |\n| enable_logging                | Enables logging for the trail.                                                                      | string | `true`  |    no    |\n| include_global_service_events | Specifies whether the trail is publishing events from global services such as IAM to the log files. | string | `true`  |    no    |\n| is_multi_region_trail         | Specifies whether the trail is created in the current region or in all regions.                     | string | `true`  |    no    |\n| tags                          | A mapping of tags to assign to the bucket.                                                          |  map   |  `{}`   |    no    |\n\n## Outputs\n\n| Name                   | Description                                |\n| ---------------------- | ------------------------------------------ |\n| cloudtrail_arn         | The Amazon Resource Name of the trail.     |\n| cloudtrail_home_region | The region in which the trail was created. |\n| cloudtrail_name        | The name of the trail.                     |\n\n## Development\n\n### Requirements\n\n- [Docker](https://www.docker.com/)\n\n### Configure environment variables\n\n```shell\nexport AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\nexport AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\nexport AWS_DEFAULT_REGION=ap-northeast-1\n```\n\n### Installation\n\n```shell\ngit clone git@github.com:tmknom/terraform-aws-cloudtrail.git\ncd terraform-aws-cloudtrail\nmake install\n```\n\n### Makefile targets\n\n```text\ncheck-format                   Check format code\ncibuild                        Execute CI build\nclean                          Clean .terraform\ndocs                           Generate docs\nformat                         Format code\nhelp                           Show help\ninstall                        Install requirements\nlint                           Lint code\nrelease                        Release GitHub and Terraform Module Registry\nterraform-apply-complete       Run terraform apply examples/complete\nterraform-apply-minimal        Run terraform apply examples/minimal\nterraform-destroy-complete     Run terraform destroy examples/complete\nterraform-destroy-minimal      Run terraform destroy examples/minimal\nterraform-plan-complete        Run terraform plan examples/complete\nterraform-plan-minimal         Run terraform plan examples/minimal\nupgrade                        Upgrade makefile\n```\n\n### Releasing new versions\n\nBump VERSION file, and run `make release`.\n\n### Terraform Module Registry\n\n- \u003chttps://registry.terraform.io/modules/tmknom/cloudtrail/aws\u003e\n\n## License\n\nApache 2 Licensed. See LICENSE for full details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftmknom%2Fterraform-aws-cloudtrail","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftmknom%2Fterraform-aws-cloudtrail","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftmknom%2Fterraform-aws-cloudtrail/lists"}