https://github.com/blackbird-cloud/terraform-aws-cloudtrail
Terraform module to create an AWS CloudTrail
https://github.com/blackbird-cloud/terraform-aws-cloudtrail
aws cloudtrail terraform
Last synced: about 1 month ago
JSON representation
Terraform module to create an AWS CloudTrail
- Host: GitHub
- URL: https://github.com/blackbird-cloud/terraform-aws-cloudtrail
- Owner: blackbird-cloud
- License: apache-2.0
- Created: 2023-05-25T13:30:31.000Z (about 3 years ago)
- Default Branch: main
- Last Pushed: 2025-01-31T14:49:25.000Z (over 1 year ago)
- Last Synced: 2025-01-31T15:19:39.362Z (over 1 year ago)
- Topics: aws, cloudtrail, terraform
- Language: HCL
- Homepage:
- Size: 38.1 KB
- Stars: 0
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
[](https://blackbird.cloud)
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1 |
| [aws](#requirement\_aws) | ~> 4 |
## Providers
| Name | Version |
|------|---------|
| [aws](#provider\_aws) | 4.67.0 |
## Modules
| Name | Source | Version |
|------|--------|---------|
| [bucket](#module\_bucket) | terraform-aws-modules/s3-bucket/aws | ~> 3 |
| [bucket\_policy](#module\_bucket\_policy) | blackbird-cloud/s3-bucket-policy/aws | ~> 0 |
| [kms\_key](#module\_kms\_key) | blackbird-cloud/kms-key/aws | ~> 0 |
## Resources
| Name | Type |
|------|------|
| [aws_cloudtrail.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail) | resource |
| [aws_caller_identity.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [administrator\_arns](#input\_administrator\_arns) | List of AWS principals that will receive Administrative permissions on the resources created. | `list(string)` | `[]` | no |
| [cloud\_watch\_logs\_group\_arn](#input\_cloud\_watch\_logs\_group\_arn) | (Optional) Log group name using an ARN that represents the log group to which CloudTrail logs will be delivered. Note that CloudTrail requires the Log Stream wildcard. | `string` | `""` | no |
| [cloud\_watch\_logs\_role\_arn](#input\_cloud\_watch\_logs\_role\_arn) | (Optional) Role for the CloudWatch Logs endpoint to assume to write to a user’s log group. | `string` | `""` | no |
| [enable\_log\_file\_validation](#input\_enable\_log\_file\_validation) | (Optional) Whether log file integrity validation is enabled. Defaults to `false`. | `bool` | `false` | no |
| [include\_global\_service\_events](#input\_include\_global\_service\_events) | (Optional) Whether the trail is publishing events from global services such as IAM to the log files. Defaults to `true`. | `bool` | `true` | no |
| [is\_multi\_region\_trail](#input\_is\_multi\_region\_trail) | (Optional) Whether the trail is created in the current region or in all regions. Defaults to `false`. | `bool` | `true` | no |
| [is\_organization\_trail](#input\_is\_organization\_trail) | (Optional) Whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`. | `bool` | `true` | no |
| [name](#input\_name) | Name used for all resources created. | `string` | n/a | yes |
| [tags](#input\_tags) | (Optional) Map of tags to assign to the trail. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. | `map(string)` | `{}` | no |
| [viewers\_arns](#input\_viewers\_arns) | (Optional) List of AWS principals that will receive viewing permissions on the Cloudtrail data. | `list(string)` | `[]` | no |
## Outputs
| Name | Description |
|------|-------------|
| [bucket](#output\_bucket) | The S3 Bucket that stores the CloudTrail. |
| [cloudtrail](#output\_cloudtrail) | The CloudTrail resource. |
| [kms\_key](#output\_kms\_key) | The KMS key used to encrypt the CloudTrail. |
## About
We are [Blackbird Cloud](https://blackbird.cloud), Amsterdam based cloud consultancy, and cloud management service provider. We help companies build secure, cost efficient, and scale-able solutions.
Checkout our other :point\_right: [terraform modules](https://registry.terraform.io/namespaces/blackbird-cloud)
## Copyright
Copyright © 2017-2023 [Blackbird Cloud](https://blackbird.cloud)