Commit

[1.0.0] Combined prerelease content
tionichm committed Oct 30, 2024
1 parent 9fe20b3 commit 3f0e3d5
Showing 3 changed files with 25 additions and 22 deletions.
2 changes: 0 additions & 2 deletions CHANGELOG.md
Expand Up @@ -10,7 +10,5 @@
- Alarms triggered based on defined thresholds for specific Security Group events.
- Detailed variable descriptions for easy customization and configuration.

## [1.0.1] - 2024-10-30

### Changed
- Updated Terraform examples in [`README.md`](README.md) to reference the module source from the Terraform Registry.
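Review bot: With the `## [1.0.1] - 2024-10-30` heading removed, the `### Changed` entry about the README registry source now sits under the preceding release section, and nothing in the changelog records the constraint change this commit makes in versions.tf (`>= 1.0` to `~> 1.0`, `>= 5.46` to `~> 5.46`). Add an entry for that change, since it alters which Terraform and AWS provider versions consumers of the module can use.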
41 changes: 23 additions & 18 deletions README.md
Expand Up @@ -16,30 +16,35 @@ This Terraform module creates CloudWatch Log Metric Filters and associated Alarm
- Creates CloudWatch Log Metric Filters for specified Security Groups.
- Creates CloudWatch Alarms that trigger based on metrics from the filters.
- Flexible configuration for events to monitor and alarm settings.

<!-- BEGIN_TF_DOCS -->
## Requirements
- Terraform 1.0 or later
- AWS Provider

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.46 |

## Inputs
| Variable | Description | Type | Default |
|----------------------------------------------|------------------------------------------------------------------------------------------------------|---------------|-----------------------------------------------------------|
| `sg_ids` | The list of Security Group IDs to monitor. | `list(string)` | n/a |
| `sg_event_names` | The list of event names to monitor for each Security Group. | `list(string)` | `["DeleteSecurityGroup", "AuthorizeSecurityGroupIngress", "RevokeSecurityGroupIngress", "AuthorizeSecurityGroupEgress", "RevokeSecurityGroupEgress", "UpdateSecurityGroupRuleDescriptionsIngress", "UpdateSecurityGroupRuleDescriptionsEgress"]` |
| `cw_log_group_name` | The name of the CloudWatch log group storing CloudTrail logs. | `string` | n/a |
| `cw_metric_filter_namespace` | The namespace for the CloudWatch metric filter. | `string` | `EC2/Monitoring` |
| `cw_metric_filter_value` | The value to publish to the CloudWatch metric. | `string` | `1` |
| `cw_metric_filter_alarm_comparison_operator` | The comparison operator for the CloudWatch metric filter alarm. | `string` | `GreaterThanOrEqualToThreshold` |
| `cw_metric_filter_alarm_evaluation_periods` | The number of periods over which data is compared to the specified threshold. | `number` | `1` |
| `cw_metric_filter_alarm_period` | The period in seconds over which the specified statistic is applied. | `number` | `300` |
| `cw_metric_filter_alarm_statistic` | The statistic to apply to the alarm's associated metric. | `string` | `Sum` |
| `cw_metric_filter_alarm_threshold` | The value against which the specified statistic is compared. | `number` | `1` |
| `cw_metric_filter_alarm_actions` | The list of actions to execute when the alarm transitions into an ALARM state. | `list(string)` | `[]` |

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_cw_log_group_name"></a> [cw\_log\_group\_name](#input\_cw\_log\_group\_name) | The name of the CloudWatch log group storing CloudTrail logs. | `string` | n/a | yes |
| <a name="input_cw_metric_filter_alarm_actions"></a> [cw\_metric\_filter\_alarm\_actions](#input\_cw\_metric\_filter\_alarm\_actions) | The list of actions to execute when the alarm transitions into an ALARM state from any other state. | `list(string)` | `[]` | no |
| <a name="input_cw_metric_filter_alarm_comparison_operator"></a> [cw\_metric\_filter\_alarm\_comparison\_operator](#input\_cw\_metric\_filter\_alarm\_comparison\_operator) | The comparison operator for the CloudWatch metric filter alarm. | `string` | `"GreaterThanOrEqualToThreshold"` | no |
| <a name="input_cw_metric_filter_alarm_evaluation_periods"></a> [cw\_metric\_filter\_alarm\_evaluation\_periods](#input\_cw\_metric\_filter\_alarm\_evaluation\_periods) | The number of periods over which data is compared to the specified threshold. | `number` | `1` | no |
| <a name="input_cw_metric_filter_alarm_period"></a> [cw\_metric\_filter\_alarm\_period](#input\_cw\_metric\_filter\_alarm\_period) | The period in seconds over which the specified statistic is applied. | `number` | `300` | no |
| <a name="input_cw_metric_filter_alarm_statistic"></a> [cw\_metric\_filter\_alarm\_statistic](#input\_cw\_metric\_filter\_alarm\_statistic) | The statistic to apply to the alarm's associated metric. | `string` | `"Sum"` | no |
| <a name="input_cw_metric_filter_alarm_threshold"></a> [cw\_metric\_filter\_alarm\_threshold](#input\_cw\_metric\_filter\_alarm\_threshold) | The value against which the specified statistic is compared. | `number` | `1` | no |
| <a name="input_cw_metric_filter_namespace"></a> [cw\_metric\_filter\_namespace](#input\_cw\_metric\_filter\_namespace) | The namespace for the CloudWatch metric filter. | `string` | `"EC2/Monitoring"` | no |
| <a name="input_cw_metric_filter_value"></a> [cw\_metric\_filter\_value](#input\_cw\_metric\_filter\_value) | The value to publish to the CloudWatch metric. | `string` | `"1"` | no |
| <a name="input_sg_event_names"></a> [sg\_event\_names](#input\_sg\_event\_names) | The list of event names to monitor for each Security Group. | `list(string)` | <pre>[<br/> "DeleteSecurityGroup",<br/> "AuthorizeSecurityGroupIngress",<br/> "RevokeSecurityGroupIngress",<br/> "AuthorizeSecurityGroupEgress",<br/> "RevokeSecurityGroupEgress",<br/> "UpdateSecurityGroupRuleDescriptionsIngress",<br/> "UpdateSecurityGroupRuleDescriptionsEgress"<br/>]</pre> | no |
| <a name="input_sg_ids"></a> [sg\_ids](#input\_sg\_ids) | The list of Security Group IDs to monitor. | `list(string)` | n/a | yes |
<!-- END_TF_DOCS -->

## Simple Example
```hcl
module "terraform_trailwatch_sg" {
source = "terraform-trailwatch-modules/security-groups/trailwatch"
source = "terraform-trailwatch-modules/security-groups/aws"
sg_ids = ["sg-12345678", "sg-87654321"]
cw_log_group_name = "the-cloudtrail-log-group"
cw_metric_filter_alarm_actions = ["arn:aws:sns:region:account-id:sns-topic"]
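Review bot: In the regenerated Inputs table, `cw_metric_filter_alarm_actions` is listed as not required with default `[]`, so a caller who omits it gets alarms that change state but notify nobody. For a module whose purpose is alerting on Security Group changes, either state this next to the input description or make the input required; the Simple Example already passes an SNS topic ARN, which is what most users will expect to need.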
Expand All @@ -49,7 +54,7 @@ module "terraform_trailwatch_sg" {
## Advanced Example
```hcl
module "terraform_trailwatch_sg" {
source = "terraform-trailwatch-modules/security-groups/trailwatch"
source = "terraform-trailwatch-modules/security-groups/aws"
sg_ids = ["sg-12345678", "sg-87654321"]
sg_event_names = ["DeleteSecurityGroup", "AuthorizeSecurityGroupIngress"]
cw_log_group_name = "the-cloudtrail-log-group"
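Review bot: The new registry `source` on the changed line is given without a `version` argument, here and in the Simple Example, so `terraform init` will select the newest published release of the module. Add a `version` line under `source` in both examples (for instance a `~>` constraint on the 1.x series) so that anyone copying the snippet gets a pinned, reviewable module version.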
4 changes: 2 additions & 2 deletions versions.tf
@@ -1,10 +1,10 @@
terraform {
required_version = ">= 1.0"
required_version = "~> 1.0"

required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 5.46"
version = "~> 5.46"
}
}
}
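Review bot: Switching `required_version` and the `aws` provider `version` from `>=` to `~>` adds an upper bound inside a reusable module: `~> 1.0` excludes Terraform 2.x and `~> 5.46` excludes AWS provider 6.x, so a root module that moves to a newer provider major will fail to resolve until this module is re-released. For a shared module, keep the minimum-only form (`>= 1.0`, `>= 5.46`) and leave upper bounds to the calling configuration, or document the cap as a deliberate compatibility statement.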
