This project focuses on creating the S3 bucket and CloudTrail for management events using Terraform.
In many AWS environments, it's crucial to have fine-grained control over resource creation permissions. This project demonstrates creating a CloudTrail trail (management events) and an S3 bucket.
Before using this project, ensure you have the following:
- Terraform installed on your machine.
- AWS credentials configured on your system.
- Basic understanding of S3, CloudTrail and Terraform.

- Clone this repository to your local machine:

  ```
  git clone https://github.com/vireshsolanki/aws_cloudtrail_logs_in_s3.git
  ```

- Navigate to the project directory:

  ```
  cd creation
  ```

- Initialize the Terraform configuration:

  ```
  terraform init
  ```

- Customize the terraform.tfvars file to specify the desired region and name:

  ```
  name   = "test-cltrail"
  region = "ap-southeast-1"
  ```

- Review the Terraform configuration files to ensure they meet your requirements.

- Apply the changes to create the S3 bucket and CloudTrail:

  ```
  terraform apply
  ```

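This project consists of the following modules:
- s3: Creates the S3 bucket.
- cloudtrail: Creates the CloudTrail trail.

```hcl
# Excerpt from the cloudtrail module. The required arguments name and
# s3_bucket_name are omitted from this excerpt.
resource "aws_cloudtrail" "test-trail" {
  # Wait until the bucket policy passed in from the s3 module is in place.
  depends_on            = [var.test-trail-s3-policy]
  is_multi_region_trail = true

  event_selector {
    include_management_events = true # this is for the management events
    read_write_type           = "All"
  }
}
```
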
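The `depends_on` in the excerpt above matters because CloudTrail checks the bucket policy when the trail is created and rejects the trail if it cannot write to the bucket. The following single-file configuration is an added example, not the repository's code; it shows the bucket policy such a trail needs, scoped to one trail with `aws:SourceArn`. All resource names, the bucket name and the `aws` partition are assumptions; only `var.name` and `var.region` come from this README.

```hcl
# Added example in one file; all names except var.name / var.region are assumptions.
variable "name" { type = string }
variable "region" { type = string }
provider "aws" { region = var.region }
data "aws_caller_identity" "current" {}

locals {
  account_id = data.aws_caller_identity.current.account_id
  # ARN the trail will have (assumes the standard "aws" partition).
  trail_arn = "arn:aws:cloudtrail:${var.region}:${local.account_id}:trail/${var.name}"
}

resource "aws_s3_bucket" "trail_logs" {
  bucket = "${var.name}-logs-${local.account_id}" # constructed bucket name
}

resource "aws_s3_bucket_policy" "trail_logs" {
  bucket = aws_s3_bucket.trail_logs.id
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      { # CloudTrail reads the bucket ACL before it delivers logs.
        Sid       = "AWSCloudTrailAclCheck"
        Effect    = "Allow"
        Principal = { Service = "cloudtrail.amazonaws.com" }
        Action    = "s3:GetBucketAcl"
        Resource  = aws_s3_bucket.trail_logs.arn
        Condition = { StringEquals = { "aws:SourceArn" = local.trail_arn } }
      },
      { # Log delivery, limited to this account's prefix and this one trail.
        Sid       = "AWSCloudTrailWrite"
        Effect    = "Allow"
        Principal = { Service = "cloudtrail.amazonaws.com" }
        Action    = "s3:PutObject"
        Resource  = "${aws_s3_bucket.trail_logs.arn}/AWSLogs/${local.account_id}/*"
        Condition = { StringEquals = {
          "s3:x-amz-acl"  = "bucket-owner-full-control"
          "aws:SourceArn" = local.trail_arn
        } }
      }
    ]
  })
}

resource "aws_cloudtrail" "example" {
  name                  = var.name
  s3_bucket_name        = aws_s3_bucket.trail_logs.id
  is_multi_region_trail = true
  depends_on            = [aws_s3_bucket_policy.trail_logs] # policy must exist first
}
```

The `aws:SourceArn` condition keeps trails in other accounts from writing into this bucket through the CloudTrail service principal.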
The project uses the following variables, which can be customized in the terraform.tfvars file:
- name: It will have your CloudTrail name.
- region: The allowed AWS region for the S3 bucket.

Contributions to this project are welcome. Feel free to submit issues, feature requests, or pull requests.