From b2205552c293c7efe865c8794c12fc06456dd16e Mon Sep 17 00:00:00 2001 From: exequielrafaela Date: Fri, 8 Jul 2022 21:24:31 -0300 Subject: [PATCH 01/11] pointing to latest makefiles lib version to use material mkdocs 8.3.9 --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index bf399ba65..85e379598 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ SHELL := /bin/bash MAKEFILE_PATH := ./Makefile MAKEFILES_DIR := ./@bin/makefiles -MAKEFILES_VER := v0.2.2 +MAKEFILES_VER := v0.2.5 help: @echo 'Available Commands:' From d6045d971e609c2e4719224362fcad47e68c1823 Mon Sep 17 00:00:00 2001 From: exequielrafaela Date: Fri, 8 Jul 2022 21:25:15 -0300 Subject: [PATCH 02/11] Necessary updates to css styles for material mkdocs version 8.3.9 --- docs/assets/stylesheets/extra.css | 8 ++++++++ material/overrides/main-styles.html | 2 ++ 2 files changed, 10 insertions(+) diff --git a/docs/assets/stylesheets/extra.css b/docs/assets/stylesheets/extra.css index 40e1e285d..9a40a0636 100644 --- a/docs/assets/stylesheets/extra.css +++ b/docs/assets/stylesheets/extra.css @@ -9,6 +9,14 @@ } } +* { + --md-primary-fg-color: #0a192f; + --md-primary-fg-color--light: #029c8e; + --md-primary-fg-color--dark: #303C55; + --md-typeset-color: var(--md-default-fg-color); + --md-typeset-a-color: var(--md-primary-fg-color--light); +} + :root { --md-primary-fg-color: #0a192f; --md-primary-fg-color--light: #029c8e; diff --git a/material/overrides/main-styles.html b/material/overrides/main-styles.html index 43fe6dbdc..b12e3e6df 100644 --- a/material/overrides/main-styles.html +++ b/material/overrides/main-styles.html @@ -54,6 +54,7 @@ } .tx-container { + --md-primary-fg-color: #0a192f; height: fit-content; padding-top: 0rem; background: url("data:image/svg+xml;utf8,") no-repeat bottom, linear-gradient(to bottom, var(--md-primary-fg-color), #2a978d 99%, #fff 99%) @@ -164,6 +165,7 @@ } .tx-container-3 { + --md-primary-fg-color: #0a192f; height: auto; background: linear-gradient(to bottom, var(--md-primary-fg-color), #02162f 100%, #fff 99%); } From 6bf8c837be17b7136f0522c8af29179eade4359c Mon Sep 17 00:00:00 2001 From: exequielrafaela Date: Fri, 8 Jul 2022 21:25:50 -0300 Subject: [PATCH 03/11] fixing landing "why tech stack" hyperlink --- material/overrides/home-es.html | 2 +- material/overrides/home.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/material/overrides/home-es.html b/material/overrides/home-es.html index f7574c865..fe60208a6 100644 --- a/material/overrides/home-es.html +++ b/material/overrides/home-es.html @@ -287,7 +287,7 @@

Nuestro stack de tecnologías


diff --git a/material/overrides/home.html b/material/overrides/home.html index ee1a86fc8..5fbde3dbf 100644 --- a/material/overrides/home.html +++ b/material/overrides/home.html @@ -287,7 +287,7 @@

Our tech stack


 From 9dbb06d5717c1c1ac2f2b006390fbd1ded0d59bf Mon Sep 17 00:00:00 2001 From: exequielrafaela Date: Fri, 8 Jul 2022 21:28:06 -0300 Subject: [PATCH 04/11] Updating mkdocs.yml with extra needed markdown_extentions + Releases sections routes --- mkdocs.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/mkdocs.yml b/mkdocs.yml index 35c6a16ab..af7cc0224 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -110,6 +110,11 @@ markdown_extensions: - meta - md_in_html - codehilite + - pymdownx.critic + - pymdownx.caret + - pymdownx.keys + - pymdownx.mark + - pymdownx.tilde - pymdownx.tabbed - pymdownx.details - pymdownx.inlinehilite @@ -302,8 +307,9 @@ nav: - Overview: "work-with-us/index.md" - Support: - Support: "work-with-us/support.md" - - Updates: - - December 2021: "work-with-us/updates/product-updates-12-2021.md" + - Releases: + - Releases and Versions: "work-with-us/releases/releases-and-versions.md" + - Versions compatibility matrix: "work-with-us/releases/versions-compatibility-matrix.md" - Leverage vs Competition: "work-with-us/leverage-vs-competition.md" #- Subscription Plans: "work-with-us/subscription-plans.md" - Contribute: "work-with-us/contribute.md" From bb90be9d3ec87e2810a26c8a6c9f79f208788417 Mon Sep 17 00:00:00 2001 From: exequielrafaela Date: Fri, 8 Jul 2022 21:28:55 -0300 Subject: [PATCH 05/11] releases and versions related sections added --- .../releases/releases-and-versions.md | 46 +++++++++++++++++++ .../releases/versions-compatibility-matrix.md | 42 +++++++++++++++++ .../updates/product-updates-12-2021.md | 43 ----------------- 3 files changed, 88 insertions(+), 43 deletions(-) create mode 100644 docs/work-with-us/releases/releases-and-versions.md create mode 100644 docs/work-with-us/releases/versions-compatibility-matrix.md delete mode 100644 docs/work-with-us/updates/product-updates-12-2021.md diff --git a/docs/work-with-us/releases/releases-and-versions.md b/docs/work-with-us/releases/releases-and-versions.md new file mode 100644 index 000000000..b93a2d46f --- /dev/null +++ b/docs/work-with-us/releases/releases-and-versions.md @@ -0,0 +1,46 @@ +# Leverage Product Releases +Dear Leveragers, +We're constantly kicking with a lot of improvements and some exciting new features + +## Reference Architecture + +!!! done ":calendar: RELEASES" + - [Releases | Reference Architecture for AWS](https://github.com/binbashar/le-tf-infra-aws/releases) + - [Releases | Reference Architecture for HCP Vault](https://github.com/binbashar/le-tf-vault/releases) + +## Leverage CLI + +!!! done ":calendar: RELEASES" + - [Releases | `leverage-cli`](https://github.com/binbashar/leverage) + +## Infrastructure as Code Library + +!!! done ":calendar: RELEASES" + ![leverage-tf](../../../assets/images/logos/terraform.png "Terraform"){: style="width:25px"} **Releases |Terraform Leverage™ Modules** : + + - [terraform-aws-waf-owasp](https://github.com/binbashar/terraform-aws-waf-owasp/releases) + - [terraform-aws-cost-billing-alarm](https://github.com/binbashar/terraform-aws-cost-billing-alarm/releases) + - [terraform-aws-vpc-flowlogs](https://github.com/binbashar/terraform-aws-vpc-flowlogs/releases) + - [terraform-aws-cost-budget](https://github.com/binbashar/terraform-aws-cost-budget/releases) + - [terraform-aws-tfstate-backend](https://github.com/binbashar/terraform-aws-tfstate-backend/releases) + - [terraform-aws-certbot-lambda](https://github.com/binbashar/terraform-aws-certbot-lambda/releases) + - [terraform-aws-ec2-basic-layout](https://github.com/binbashar/terraform-aws-ec2-basic-layout/releases) + - [terraform-aws-natgw-notifications](https://github.com/binbashar/terraform-aws-natgw-notifications/releases) + - [terraform-aws-guardduty-multiaccount](https://github.com/binbashar/terraform-aws-guardduty-multiaccount/releases) + - [terraform-aws-network-firewall](https://github.com/binbashar/terraform-aws-network-firewall/releases) + - [terraform-aws-backup-notifications](https://github.com/binbashar/terraform-aws-backup-notifications/releases) + - [terraform-aws-rds-export-to-s3](https://github.com/binbashar/terraform-aws-rds-export-to-s3/releases) + + ![leverage-tf](../../../assets/images/logos/terraform.png "Terraform"){: style="width:25px"} **Releases | Terraform Community Forks Modules**: + + - [terraform-aws-waf-owasp](https://github.com/binbashar/terraform-aws-waf-owasp/releases) + - ... + + ![leverage-helm](../../../assets/images/logos/helm.png "Terraform"){: style="width:25px"} **Releases | Helm Leverage™ Charts**: + + - [terraform-aws-sso](https://github.com/binbashar/terraform-aws-sso/tags) + +## Documentation + +!!! done ":calendar: RELEASES" + - [Releases | Binbash Leverage™ Documentation](https://github.com/binbashar/le-ref-architecture-doc/releases) \ No newline at end of file diff --git a/docs/work-with-us/releases/versions-compatibility-matrix.md b/docs/work-with-us/releases/versions-compatibility-matrix.md new file mode 100644 index 000000000..bf48a3704 --- /dev/null +++ b/docs/work-with-us/releases/versions-compatibility-matrix.md @@ -0,0 +1,42 @@ + +# Leverage Releases & Versioning + +Binbash Leverage™ and its components intends to be backward compatible, but since the complex ecosystems of tools we +manage this is not always possible. + +Is always recommended using the latest version of the [Leverage cli](https://pypi.org/project/leverage/) with the latest versions of the +[Reference Architecture for AWS](https://github.com/binbashar/le-tf-infra-aws/releases). In case that's +not possible we always recommend pinning versions to favor stability and doing controlled updates by component based +on the below presented compatibility matrix table. + +## Compatibility Matrix + +| Leverage Ref Arch :construction_site: :cloud: version | Leverage Cli | Terraform | Terraform AWS provider | K8s EKS | +|-------------------------------------------------------|--------------|-----------|------------------------|-----------| +| v1.8.1 | v1.7.2 | >= 1.1.9 | 3.27.x, 4.x.y | 1.20-1.22 | +| v1.7.2 | v1.6.2 | >= 1.1.3 | 3.27.x, 4.x.y | 1.17-1.19 | +| ~~v1.3.73~~ | v1.2.0 | 1.0.x | 3.27.x | 1.17 | +| ~~v1.3.25~~ | v1.0.10 | 0.14.x | 3.27.x | 1.17 | + +Releases which are ~~crossed out~~ _should_ work, but are unlikely to get security or other fixes. +We suggest they should be upgraded soon. + +## Release Schedule + +This project does not follow the **Terraform** or other release schedule. Leverage aims to +provide a reliable deployment and operations experience for the [Binbash Leverage™ Reference Architecture +for AWS](https://leverage.binbash.com.ar/how-it-works/ref-architecture/), and typically releases about a quarter after +the corresponding Terraform release. This time allows for the Terraform project to resolve any issues introduced +by the new version and ensures that we can support the latest features. + +## Read more + +!!! info "Reference links" + Consider the following extra links as reference: + + - :blue_book: [Hashicorp Terraform releases](https://github.com/hashicorp/terraform/releases) + - :orange_book: [Amazon EKS Kubernetes release calendar](https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html#kubernetes-release-calendar) + - :orange_book: [Amazon EKS Kubernetes versions - Amazon EKS](https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html) + + + diff --git a/docs/work-with-us/updates/product-updates-12-2021.md b/docs/work-with-us/updates/product-updates-12-2021.md deleted file mode 100644 index 0559dafc7..000000000 --- a/docs/work-with-us/updates/product-updates-12-2021.md +++ /dev/null @@ -1,43 +0,0 @@ -# Leverage Product Updates | August 2021 - -Dear Leveragers, -We kicked this month with a lot of improvements and some exciting new features - -## Reference Architecture -!!! info "Updates 📢" - - TODO - -!!! done "New Features 🎉🙌" - - TODO - -!!! important "Improvements 🚀" - - TODO - -!!! bug "Bug Fixes 🐛" - - TODO - -## Leverage CLI -!!! info "Updates 📢" -- TODO - -!!! done "New Features 🎉🙌" -- TODO - -!!! important "Improvements 🚀" -- TODO - -!!! bug "Bug Fixes 🐛" -- TODO - -## Infrastructure as Code Library -!!! info "Updates 📢" -- TODO - -!!! done "New Features 🎉🙌" -- TODO - -!!! important "Improvements 🚀" -- TODO - -!!! bug "Bug Fixes 🐛" -- TODO \ No newline at end of file From 970c259fbe9c33a343822e98dad4cc8d779ac550 Mon Sep 17 00:00:00 2001 From: exequielrafaela Date: Fri, 8 Jul 2022 21:29:26 -0300 Subject: [PATCH 06/11] updating how-it-works features security services cloudtrail section --- .../features/security/audit-cloudtrail.md | 63 +++++++++++-------- 1 file changed, 36 insertions(+), 27 deletions(-) diff --git a/docs/how-it-works/features/security/audit-cloudtrail.md b/docs/how-it-works/features/security/audit-cloudtrail.md index 1b1ce33d8..136fd905a 100644 --- a/docs/how-it-works/features/security/audit-cloudtrail.md +++ b/docs/how-it-works/features/security/audit-cloudtrail.md @@ -1,32 +1,41 @@ # Audit | CloudTrail -AWS CloudTrail monitors and records account activity across your AWS infrastructure, giving you control over storage, analysis, and remediation actions. +## Feature Overview +AWS CloudTrail monitors and records account activity across your AWS infrastructure, +giving you control over storage, analysis, and remediation actions. -![Cloudtrail Diagram](../../../assets/images/diagrams/aws-cloudtrail.svg) - -!!! note ":bookmark_tabs: [Leverage Reference Architecture | Security Audit](https://github.com/binbashar/le-tf-infra-aws/tree/master/apps-prd/us-east-1/security-audit)" - -**CloudTrail module**. Key elements: - -* Destination bucket -* KMS Key to files encrypt files -* Include global services -* Enable multi-regional trail - - -**S3 Bucket Module**. Key elements: +!!! info "AWS CloudTrail overview" + This service will be configured to enable auditing of all AWS services in all accounts. + Once enabled, as show in the below presented figure CloudTrail will deliver all events + from all accounts to the Security account in order to have a centralized way to audit + operations on AWS resources. + Audit events will be available from CloudTrail for 90 days but a longer retention + time will be available through a centralized S3 bucket. -* Lifecycle rule -* Expiration - -**KMS Key Module**. Key elements: - -* Deletion Window -* Policy - *Grant permission to the rest of the accounts to use the key* - -# Read More - -* :cloud: [AWS Cloudtrail Overview](https://aws.amazon.com/cloudtrail/) -* :notebook: [Security Pillar - AWS Well-Architected Framework](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/welcome.html) \ No newline at end of file +![Cloudtrail Diagram](../../../assets/images/diagrams/aws-cloudtrail.svg) +
+Figure: AWS CloudTrail components architecture diagram (just as reference). +(Source: Binbash Leverage diagrams, accessed July 6th 2022). +
+ +!!! example "![leverage-tf](../../../assets/images/logos/terraform.png "Terraform"){: style="width:25px"} IaC Terraform Codebase <>" + - [x] `binbash-management` account | Audit: Cloudtrail + - **Code:** [management/us-east-1/security-audit](https://github.com/binbashar/le-tf-infra-aws/tree/master/management/us-east-1/security-audit) + - [x] `binbash-security` account | Audit: Cloudtrail & S3 Bucket + - **Code:** [security/us-east-1/security-audit](https://github.com/binbashar/le-tf-infra-aws/tree/master/security/us-east-1/security-audit) + - [x] `binbash-shared` account | Audit: Cloudtrail + - **Code:** [shared/us-east-1/security-audit](https://github.com/binbashar/le-tf-infra-aws/tree/master/shared/us-east-1/security-audit) + - [x] `binbash-apps-devstg` account | Audit: Cloudtrail + - **Code:** [apps-devstg/us-east-1/security-audit](https://github.com/binbashar/le-tf-infra-aws/tree/master/apps-devstg/us-east-1/security-audit) + - [x] `binbash-apps-prd` account | Audit: Cloudtrail + - **Code:** [apps-prd/us-east-1/security-audit](https://github.com/binbashar/le-tf-infra-aws/tree/master/apps-prd/us-east-1/security-audit) + - [x] `binbash-network` account | Audit: Cloudtrail + - **Code:** [network/us-east-1/security-audit](https://github.com/binbashar/le-tf-infra-aws/tree/master/network/us-east-1/security-audit) + +## Read more + +!!! info "AWS reference links" + Consider the following AWS official links as reference: + + * :orange_book: [AWS Cloudtrail Overview](https://aws.amazon.com/cloudtrail/) From 2d85e08f30c34c685c4ffb026ab908a96e051b12 Mon Sep 17 00:00:00 2001 From: exequielrafaela Date: Fri, 8 Jul 2022 21:32:00 -0300 Subject: [PATCH 07/11] fixing user-guide leverage cli terraform command info box text format --- docs/user-guide/leverage-cli/reference/terraform.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/user-guide/leverage-cli/reference/terraform.md b/docs/user-guide/leverage-cli/reference/terraform.md index f6ec85d74..755c23109 100644 --- a/docs/user-guide/leverage-cli/reference/terraform.md +++ b/docs/user-guide/leverage-cli/reference/terraform.md @@ -181,7 +181,9 @@ Can only be run at **layer** level. !!! info "zsh globbing" Zsh users may need to prepend `noglob` to the import command for it to be recognized correctly, as an alternative, square brackets can be escaped as `\[\]` + **Examples:** + - Opt-1: `leverage tf import module.s3_bucket.aws_s3_bucket.this\[0\] s3-bag-data-bucket` - Opt-2: `noglob leverage tf import module.s3_bucket.aws_s3_bucket.this[0] s3-bag-data-bucket` From 9754819c6ab891e1d0329bc0176c86cf59581d7c Mon Sep 17 00:00:00 2001 From: Exequiel Barrirero Date: Mon, 11 Jul 2022 14:00:04 -0300 Subject: [PATCH 08/11] Update docs/how-it-works/features/security/audit-cloudtrail.md Co-authored-by: Angelo Fenoglio --- docs/how-it-works/features/security/audit-cloudtrail.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/how-it-works/features/security/audit-cloudtrail.md b/docs/how-it-works/features/security/audit-cloudtrail.md index 136fd905a..c5844ea43 100644 --- a/docs/how-it-works/features/security/audit-cloudtrail.md +++ b/docs/how-it-works/features/security/audit-cloudtrail.md @@ -7,7 +7,7 @@ giving you control over storage, analysis, and remediation actions. !!! info "AWS CloudTrail overview" This service will be configured to enable auditing of all AWS services in all accounts. - Once enabled, as show in the below presented figure CloudTrail will deliver all events + Once enabled, as shown in the below presented figure, CloudTrail will deliver all events from all accounts to the Security account in order to have a centralized way to audit operations on AWS resources. Audit events will be available from CloudTrail for 90 days but a longer retention From 9856dbe91c145794afc49bad9234420e7939381f Mon Sep 17 00:00:00 2001 From: Exequiel Barrirero Date: Mon, 11 Jul 2022 14:07:52 -0300 Subject: [PATCH 09/11] Update docs/work-with-us/releases/versions-compatibility-matrix.md Co-authored-by: Angelo Fenoglio --- docs/work-with-us/releases/versions-compatibility-matrix.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/work-with-us/releases/versions-compatibility-matrix.md b/docs/work-with-us/releases/versions-compatibility-matrix.md index bf48a3704..617876c82 100644 --- a/docs/work-with-us/releases/versions-compatibility-matrix.md +++ b/docs/work-with-us/releases/versions-compatibility-matrix.md @@ -1,7 +1,7 @@ # Leverage Releases & Versioning -Binbash Leverage™ and its components intends to be backward compatible, but since the complex ecosystems of tools we +Binbash Leverage™ and its components intends to be backward compatible, but due to the complex ecosystems of tools we manage this is not always possible. Is always recommended using the latest version of the [Leverage cli](https://pypi.org/project/leverage/) with the latest versions of the From e044c9a352e8f910e950d55a780cfd0c91bf5cb4 Mon Sep 17 00:00:00 2001 From: exequielrafaela Date: Mon, 11 Jul 2022 14:32:14 -0300 Subject: [PATCH 10/11] releases and versions section grammar and sintaxt corrections --- docs/work-with-us/releases/releases-and-versions.md | 4 ++-- .../releases/versions-compatibility-matrix.md | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/work-with-us/releases/releases-and-versions.md b/docs/work-with-us/releases/releases-and-versions.md index b93a2d46f..94709a563 100644 --- a/docs/work-with-us/releases/releases-and-versions.md +++ b/docs/work-with-us/releases/releases-and-versions.md @@ -33,12 +33,12 @@ We're constantly kicking with a lot of improvements and some exciting new featur ![leverage-tf](../../../assets/images/logos/terraform.png "Terraform"){: style="width:25px"} **Releases | Terraform Community Forks Modules**: - - [terraform-aws-waf-owasp](https://github.com/binbashar/terraform-aws-waf-owasp/releases) + - [terraform-aws-sso]([terraform-aws-sso](https://github.com/binbashar/terraform-aws-sso/tags)) - ... ![leverage-helm](../../../assets/images/logos/helm.png "Terraform"){: style="width:25px"} **Releases | Helm Leverage™ Charts**: - - [terraform-aws-sso](https://github.com/binbashar/terraform-aws-sso/tags) + - [helm-charts](https://github.com/binbashar/helm-charts/blob/master/index.yaml) ## Documentation diff --git a/docs/work-with-us/releases/versions-compatibility-matrix.md b/docs/work-with-us/releases/versions-compatibility-matrix.md index bf48a3704..42a70f2a5 100644 --- a/docs/work-with-us/releases/versions-compatibility-matrix.md +++ b/docs/work-with-us/releases/versions-compatibility-matrix.md @@ -1,13 +1,13 @@ # Leverage Releases & Versioning -Binbash Leverage™ and its components intends to be backward compatible, but since the complex ecosystems of tools we +Binbash Leverage™ and its components intends to be backward compatible, but due to the complex ecosystems of tools we manage this is not always possible. -Is always recommended using the latest version of the [Leverage cli](https://pypi.org/project/leverage/) with the latest versions of the +It is always recommended using the latest version of the [Leverage cli](https://pypi.org/project/leverage/) with the latest versions of the [Reference Architecture for AWS](https://github.com/binbashar/le-tf-infra-aws/releases). In case that's -not possible we always recommend pinning versions to favor stability and doing controlled updates by component based -on the below presented compatibility matrix table. +not possible we always recommend pinning versions to favor stability and doing controlled updates +component by component based on the below presented compatibility matrix table. ## Compatibility Matrix From eb2456799b9b32131278b42bf148247584ef3f2e Mon Sep 17 00:00:00 2001 From: exequielrafaela Date: Mon, 11 Jul 2022 14:32:52 -0300 Subject: [PATCH 11/11] cloudtrail section grammar corrected + image centered --- .../features/security/audit-cloudtrail.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/docs/how-it-works/features/security/audit-cloudtrail.md b/docs/how-it-works/features/security/audit-cloudtrail.md index 136fd905a..d5a0f9d79 100644 --- a/docs/how-it-works/features/security/audit-cloudtrail.md +++ b/docs/how-it-works/features/security/audit-cloudtrail.md @@ -7,17 +7,19 @@ giving you control over storage, analysis, and remediation actions. !!! info "AWS CloudTrail overview" This service will be configured to enable auditing of all AWS services in all accounts. - Once enabled, as show in the below presented figure CloudTrail will deliver all events + Once enabled, as shown in the below presented figure, CloudTrail will deliver all events from all accounts to the Security account in order to have a centralized way to audit operations on AWS resources. Audit events will be available from CloudTrail for 90 days but a longer retention time will be available through a centralized S3 bucket. -![Cloudtrail Diagram](../../../assets/images/diagrams/aws-cloudtrail.svg) -
-Figure: AWS CloudTrail components architecture diagram (just as reference). -(Source: Binbash Leverage diagrams, accessed July 6th 2022). -
+
+ ![Cloudtrail Diagram](../../../assets/images/diagrams/aws-cloudtrail.svg){ width="600" } +
+ Figure: AWS CloudTrail components architecture diagram (just as reference). + (Source: Binbash Leverage diagrams, accessed July 6th 2022). +
+
!!! example "![leverage-tf](../../../assets/images/logos/terraform.png "Terraform"){: style="width:25px"} IaC Terraform Codebase <>" - [x] `binbash-management` account | Audit: Cloudtrail