terraform-aws-cloudtrail-cloudwatch-alarms
Terraform module for creating alarms for tracking important changes and occurrences from cloudtrail.
APACHE-2.0 License
Bot releases are visible (Hide)
Published by cloudpossebot about 3 years ago
🤖 Automatic Updates
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/label/null (source) | module | minor |
0.24.1 -> 0.25.0
|
Release Notes
v0.25.0
Configuration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- If you want to rebase/retry this PR, check this box.
This PR has been generated by WhiteSource Renovate. View repository job log here.
Published by cloudpossebot about 3 years ago
🤖 Automatic Updates
what
This is an auto-generated PR that updates the context.tf file to the latest version from cloudposse/terraform-null-label
why
To support all the features of the context interface.
Published by cloudpossebot about 3 years ago
🚀 Enhancements
what
- Updates sns_topic name
FromCloudTrailBreach-threshold-alertsto${namespace}-${env}-${stage}-cloudwatch-cloudtrail-breach
why
- follow naming convention
Published by cloudpossebot over 3 years ago
what
- Disable use of amazon-managed KMS key
- Use user-supplied CMK if
var.kms_master_key_idis not null - If
var.kms_master_key_idis null, create a CMK for SNS topic for encryption of CloudTrailTrailBreach SNS topic and allow CloudWatch to encrypt messages published to the SNS topic.
why
- The SNS topic must be encrypted with a KMS key that allows the CloudWatch service to use it. Messages will fail to be published when using the amazon-managed default KMS key for SNS.
references
Published by cloudpossebot over 3 years ago
what
- Fix the conditional logic for the
aws_sns_topic_policy - Update to allow the alarm to be named
- Update the catalog to reflect other changes
why
- The current logic is incorrect
Published by cloudpossebot over 3 years ago
what
- Adding config_yaml module compatibility
- Change metrics to catalog
why
- To make it easy to load big catalog of metric filters and alerts
- To make the alerts and metrics fully configurable
Published by cloudpossebot over 3 years ago
what
- update context.tf to v0.24.1
- minimum required Terraform version bumped to 0.13.0
- readme updated, Bridgecrew compliance badges added
why
- It allows for setting the letter case of tag names and labels, back compatibility with context v0.22.0 and below
- we have dropped support for Terraform 0.12
- To be able see and fix the recommendations from Bridgecrew so we can position our modules as standards compliant
Published by cloudpossebot over 3 years ago
🤖 Automatic Updates
what
This is an auto-generated PR that updates the context.tf file to the latest version from cloudposse/terraform-null-label
why
To support all the features of the context interface.
Published by cloudpossebot over 3 years ago
what
- update context.tf to v0.23.0
- minimum required Terraform version bumped to 0.13.0
- readme updated, Bridgecrew compliance badges added
why
- It allows for setting the letter case of tag names and labels
- we have dropped support for Terraform 0.12
- To be able see and fix the recommendations from Bridgecrew so we can position our modules as standards compliant
Published by cloudpossebot over 3 years ago
🤖 Automatic Updates
what
This is an auto-generated PR that updates the README.md and docs
why
To have most recent changes of README.md and doc from origin templates
Published by cloudpossebot over 3 years ago
what
- BridgeCrew compliance checks fix
- readme updated
- default behaviour changed:
Encrypt SNS Topic Dataenabled by default
why
- To be able to position our modules as standards compliant
- Providing explicit note about policy attached directly to user
- To comply BridgeCrew check
references
Published by cloudpossebot over 3 years ago
what
- Upgrade to support Terraform 0.14 and bring up to current Cloud Posse standard
why
- Support Terraform 0.14
Published by github-actions[bot] almost 4 years ago
why
- There was drift since #21 was merged
references
- #21
Published by github-actions[bot] almost 4 years ago
- Brings this module into the new ecosystem of tools used by CloudPosse, and updates
terraformcompatibility tov0.12.x. - Adds
.githubdir with all the CloudPosse defaults - Created a complete test case with updated CloudPosse module references
- Updated syntax for dashboard creation to use terraform native code, then
jsonencode - Extract all metric definitions into single
metric_definitions.tffile for readability
why
- Hasn't been updated in a while, and I would like to use it 😄
references
- Closes #11
Published by aknysh over 4 years ago
what
- Fix parenthesis
why
- Some code did not properly include a set of parenthesis
Published by aknysh almost 5 years ago
what
- Change filter expressions as per CIS Benchmark guide
why
-
Update 3 filters in alarms.tf as per CIS Benchmark guide.
- Ensure a log metric filter and alarm exist for Management Console sign-in without MFA
- Ensure a log metric filter and alarm exist for disabling or scheduled deletion of customer created CMKs
- Ensure a log metric filter and alarm exist for AWS Config configuration changes
references
related
- Closes #9
Published by aknysh almost 5 years ago
what
- Fix permissions
why
- The alerts do not originate from
events.amazonaws.com
Published by vadim-hleif about 6 years ago
what
- Regenerate
README.md
why
- Previous version of build-harness has some typos
Published by vadim-hleif over 6 years ago
- Fix avatars links