A Terraform module that creates AWS CloudTrail.
- Advanced Event Selector
- Event Selector
No modules.
Name |
Description |
Type |
Default |
Required |
advanced_event_selector |
(Optional) Specifies an advanced event selector for enabling data event logging. |
any |
null |
no |
cloud_watch_logs_group_arn |
(Optional) Log group name using an ARN that represents the log group to which CloudTrail logs will be delivered. |
string |
null |
no |
cloud_watch_logs_role_arn |
(Optional) Role for the CloudWatch Logs endpoint to assume to write to a user’s log group. |
string |
null |
no |
enable_log_file_validation |
(Optional) Whether log file integrity validation is enabled. Defaults to false. |
bool |
null |
no |
enable_logging |
(Optional) Enables logging for the trail. Defaults to true. Setting this to false will pause logging. |
bool |
null |
no |
include_global_service_events |
(Optional) Whether the trail is publishing events from global services such as IAM to the log files. Defaults to true. |
bool |
null |
no |
insight_selector |
(Optional) Configuration block for identifying unusual operational activity. |
any |
null |
no |
is_multi_region_trail |
(Optional) Whether the trail is created in the current region or in all regions. Defaults to false. |
bool |
null |
no |
is_organization_trail |
(Optional) Whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. |
bool |
null |
no |
kms_key_id |
(Optional) KMS key ARN to use to encrypt the logs delivered by CloudTrail. |
string |
null |
no |
name |
(Required) Name of the trail. |
string |
n/a |
yes |
s3_bucket_name |
(Required) Name of the S3 bucket designated for publishing log files. |
string |
n/a |
yes |
s3_key_prefix |
(Optional) S3 key prefix that follows the name of the bucket you have designated for log file delivery. |
string |
null |
no |
sns_topic_name |
(Optional) Name of the Amazon SNS topic defined for notification of log file delivery. |
string |
null |
no |
tags |
(Optional) Map of tags to assign to the trail. If configured with a provider |
map(string) |
null |
no |