This module creates an S3 Bucket and the required resources to enable CloudTrail.
The following resources will be created:
- S3 Bucket with policy.
- CloudWatch Log Group.
- IAM Role fow sending CloudTrail logs to CloudWatch.
- KMS for log encryption.
- CloudTrail.
- CloudWatch security alarams.
module "cloudtrail" {
source = "./Modules/CloudTrail"
account_name = "accountname"
region = "eu-west-1"
email = "email-address"
}
account_name : (required) used to name the S3 bucket and the trail name.
region : (required) the region which the resources will be created in.
email : (required) the email that will recieve the SNS alarms.