This terraform module creates buckets to save audit logs from accounts in the organization
The following resources will be created:
- AWS Config centralized bucket for Audit accounts
- Encrypted Bucket to save audit logs
In addition, you have the option to specify:
- How many days before transitioning files to Infrequent-Access (IA)
- How many days before transitioning files to Glacier
- Enable or not guardduty
- Enable or not guardduty notification in case of findings
Name | Version |
---|---|
terraform | >= 0.12.0 |
Name | Version |
---|---|
aws | n/a |
aws.master | n/a |
Name | Description | Type | Default | Required |
---|---|---|---|---|
account_ids | AWS Account IDs under Auditing for the organization | list |
[] |
no |
enable_guardduty_notification | Enable/Disables guardduty findings slack notification | bool |
false |
no |
event_threshold | Filtering out events by severity or noisy alerts | number |
0 |
no |
guardduty | Enable/Disables guardduty | bool |
true |
no |
org_name | Name for this organization (not actually used in API call) | any |
n/a | yes |
s3_days_until_glacier | How many days before transitioning files to Glacier | number |
90 |
no |
slack_webhook | Slack webhook which will receive guardduty notification | string |
"" |
no |
Name | Description |
---|---|
config_s3_bucket_name | n/a |
guardduty_id | n/a |
guardduty_s3_bucket_name | n/a |
logs_s3_bucket_name | n/a |
Module managed by DNX Solutions.
Apache 2 Licensed. See LICENSE for full details.