Requirements
| Name | Version |
|---|---|
| terraform | >= 0.13.1 |
| aws | >= 4.8 |
| external | >= 1.0 |
| local | >= 1.0 |
| null | >= 2.0 |
Providers
| Name | Version |
|---|---|
| aws | >= 4.8 |
Modules
| Name | Source | Version |
|---|---|---|
| lambda | registry.terraform.io/terraform-aws-modules/lambda/aws | 3.2.0 |
Resources
| Name | Type |
|---|---|
| aws_cloudwatch_log_subscription_filter.cloudwatch_logs_to_slack | resource |
| aws_iam_policy.sns | resource |
| aws_iam_role_policy_attachment.sns | resource |
| aws_lambda_permission.cloudwatch_logs | resource |
| aws_ssm_parameter.config | resource |
| aws_caller_identity.current | data source |
| aws_cloudwatch_log_group.logs | data source |
| aws_iam_policy_document.sns | data source |
| aws_region.current | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| cloudtrail_cw_log_group | Name of the CloudWatch log group that contains CloudTrail events | string |
n/a | yes |
| configuration | Allows to configure slack web hook url per account(s) so you can separate events from different accounts to different channels. Useful in context of AWS organization | list(object({ |
null |
no |
| dead_letter_target_arn | The ARN of an SNS topic or SQS queue to notify when an invocation fails. | string |
null |
no |
| default_slack_hook_url | Slack incoming webhook URL to be used if AWS account id does not match any account id from configuration variable | string |
n/a | yes |
| events_to_track | Comma-separated list events to track and report | string |
"" |
no |
| function_name | Lambda function name | string |
"fivexl-cloudtrail-to-slack" |
no |
| ignore_rules | Comma-separated list of rules to ignore events if you need to suppress something. Will be applied before rules and default_rules | string |
"" |
no |
| lambda_logs_retention_in_days | Controls for how long to keep lambda logs. | number |
30 |
no |
| lambda_timeout_seconds | Controls lambda timeout setting. | number |
60 |
no |
| rules | Comma-separated list of rules to track events if just event name is not enough | string |
"" |
no |
| rules_separator | Custom rules separator. Can be used if there are commas in the rules | string |
"," |
no |
| sns_topic_pattern | SNS Topic pattern where notifications will be published. Most contain exactly one occurance of ACCOUNT_ID Example: arn:aws:sns:us-east-1:ACCOUNT_ID:cloudtrail | string |
n/a | yes |
| tags | Tags to attach to resources | map(string) |
{} |
no |
| use_default_rules | Should default rules be used | bool |
true |
no |
Outputs
| Name | Description |
|---|---|
| lambda_function_arn | The ARN of the Lambda Function |
| lambda_function_name | The Name of the Lambda Function |
| lambda_function_role_arn | The ARN of the Lambda Function Role |