progress on Cloudtrail1

2023-11-15 15:06:26 -08:00 · 2023-11-15 15:06:26 -08:00 · b45c493781
parent 750ffed0ab
commit b45c493781
3 changed files with 28 additions and 1 deletions
--- a/terraform_v1.4.0/CloudTrail/main.tf
+++ b/terraform_v1.4.0/CloudTrail/main.tf
@ -15,6 +15,11 @@ terraform {
  }
 }

+variable "s3_bucket_arn" {
+  type = string  
+  description = "The ARN of the CloudTrail bucket"
+}
+
  provider "aws" {
    region = "us-west-2"
  }
@ -24,10 +29,27 @@ terraform {
    s3_bucket_name                = "stm-cloudtrail-sentinel"
    include_global_service_events = false
  }
-  
+
  resource "aws_cloudtrail" "example-multi-region" {
    name                          = "example-multi-region"
    s3_bucket_name                = "stm-cloudtrail-sentinel"
    include_global_service_events = true
    is_multi_region_trail = true
  }
+
+resource "aws_cloudtrail" "example-with-event-selector" {
+  name =  "example-with-event-selector"
+  s3_bucket_name  = "stm-cloudtrail-sentinel"
+  include_global_service_events = true
+  is_multi_region_trail = true
+
+  event_selector {
+    read_write_type = "All"
+    include_management_events = true
+
+    data_resource {
+      type = "AWS::S3::Object"
+      values = ["${var.s3_bucket_arn}/"]
+    }
+  }
+}
--- a/terraform_v1.4.0/nohup.out
+++ b/terraform_v1.4.0/nohup.out
@ -0,0 +1 @@
+Opening in existing browser session.
--- a/v1.4.0/CloudTrail.1.sentinel
+++ b/v1.4.0/CloudTrail.1.sentinel
@ -2,6 +2,10 @@
 # TODO: Address the ideal way to determine when this policy is appropriate to run
 # TODO: check how the reading and writing of management events works and write configuration to include it:
 #https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail.html#include_management_events
+
+# By default, when no event filter is provided, read and write management events are captured:
+#   # Without an event selector specified, CloudTrail logs all read and write management events by default
+  # https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_EventSelector.html
 import "tfplan/v2" as tfplan

 param actions default [