feat(aws): consolidated cloudtrail + multitenancy #45

Merged 1 commit on Jun 30, 2020

@afiune afiune commented Jun 29, 2020

Closes #32

Enable New Consolidated CloudTrail Configuration

This example enables a new Consolidated CloudTrail and IAM Role for Lacework,
then configures both integrations with Lacework. Finally, it configures a new
CloudTrail in an AWS sub-account that points to the main CloudTrail.

```hcl
provider "lacework" {
  alias = "main"
}

provider "aws" {
  alias = "main"
}

module "main_cloudtrail" {
  source    = "github.com/lacework/terraform-provisioning/aws/modules/cloudtrail"
  providers = {
    aws      = aws.main
    lacework = lacework.main
  }
  consolidated_trail = true
}

provider "aws" {
  alias = "sub_account"
}

resource "aws_cloudtrail" "lw_sub_account_cloudtrail" {
  provider              = aws.sub_account
  name                  = "lacework-sub-trail"
  is_multi_region_trail = true
  s3_bucket_name        = module.main_cloudtrail.bucket_name
  sns_topic_name        = module.main_cloudtrail.sns_arn
}
```

Signed-off-by: Salim Afiune Maya <afiune@lacework.net>
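
For a sub-account trail like the one above to deliver into the main account's bucket, the bucket policy has to let CloudTrail write under each account's `AWSLogs/<account-id>/` prefix and nowhere else. The following is an added example, not code from this pull request or the Lacework module; the variable and resource names are hypothetical, and whether the module already attaches an equivalent policy is not shown on this page.

```hcl
# Added example: hypothetical inputs, not the module's own variables.
variable "trail_bucket_name" {
  type = string
}

variable "trail_account_ids" {
  type        = list(string)
  description = "Account IDs whose trails deliver to the bucket (main and sub-accounts)"
}

data "aws_iam_policy_document" "consolidated_trail_bucket" {
  # CloudTrail reads the bucket ACL before it delivers any log file.
  statement {
    sid       = "AWSCloudTrailAclCheck"
    actions   = ["s3:GetBucketAcl"]
    resources = ["arn:aws:s3:::${var.trail_bucket_name}"]

    principals {
      type        = "Service"
      identifiers = ["cloudtrail.amazonaws.com"]
    }
  }

  # Writes are limited to one AWSLogs/<account-id>/ prefix per listed account,
  # so an account that is not listed cannot deliver into this bucket.
  statement {
    sid     = "AWSCloudTrailWrite"
    actions = ["s3:PutObject"]
    resources = [
      for id in var.trail_account_ids :
      "arn:aws:s3:::${var.trail_bucket_name}/AWSLogs/${id}/*"
    ]

    principals {
      type        = "Service"
      identifiers = ["cloudtrail.amazonaws.com"]
    }

    # The bucket owner must retain full control of delivered objects.
    condition {
      test     = "StringEquals"
      variable = "s3:x-amz-acl"
      values   = ["bucket-owner-full-control"]
    }
  }
}
```

Compare the rendered `json` of this document with the policy actually attached to the main bucket; a write statement scoped to `AWSLogs/*` instead of per-account prefixes is the thing to look for.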

@afiune afiune force-pushed the afiune/aws/consolidated-tail branch 2 times, most recently from df51e0d to cc6cb69 Compare June 30, 2020 21:02
@afiune afiune changed the title from "feat(aws): configure a consolidated cloudtrail" to "feat(aws): consolidated cloudtrail + multitenancy" Jun 30, 2020
@afiune afiune force-pushed the afiune/aws/consolidated-tail branch from cc6cb69 to 7c3ea03 Compare June 30, 2020 21:04
@afiune afiune requested a review from scottford-lw June 30, 2020 21:04
@afiune afiune self-assigned this Jun 30, 2020
@afiune afiune added the enhancement label Jun 30, 2020

afiune commented Jun 30, 2020

I've got to use my administrator powers to merge this!

If there are any issues, please let us know by creating new issues in this repository; I will make sure to fix them promptly.

@afiune afiune merged commit c099209 into master Jun 30, 2020
@afiune afiune deleted the afiune/aws/consolidated-tail branch July 29, 2020 13:18
@afiune afiune mentioned this pull request Aug 31, 2020
Successfully merging this pull request may close these issues.

Update AWS Terraform Modules to configure consolidated CT