Enable S3 Bucket Object level events to CloudTrail trail and forward object level events to CloudWatch log group in terraform?

Question

Enable S3 Bucket Object level events to CloudTrail trail and forward object level events to CloudWatch log group in terraform?

621 views Asked by Judy007 At 07 December 2020 at 23:08

I have an existing s3 bucket, say BucketName1, and I want to enable cloud trail logs for s3 object level events. Id like to forward the S3 Object level events to CloudTrail event logs through to an existing CloudWatch logs log group.

How can I achieve this with Terraform configuration alone?

I have already created my bucket using

resource "aws_s3_bucket" "bucket1"

Original Q&A

There are 1 answers

**Judy007** · Answer 1 · 2020-12-08T22:04:35+00:00

 resource "aws_cloudtrail" "trail1" {
  name                          = "TrailName1"
  s3_bucket_name                = aws_s3_bucket.bucket1.id

  event_selector {
    read_write_type           = "All"
    include_management_events = false

    data_resource {
      type = "AWS::S3::Object"
      values = ["${aws_s3_bucket.bucket1.arn}/"]
    }
  }

  cloud_watch_logs_group_arn = "${aws_cloudwatch_log_group.logGroup1.arn}:*"
  cloud_watch_logs_role_arn = aws_iam_role.role1.arn
}

TechQA.

Enable S3 Bucket Object level events to CloudTrail trail and forward object level events to CloudWatch log group in terraform?

There are 1 answers

Related Questions in AMAZON-WEB-SERVICES

Related Questions in TERRAFORM

Related Questions in AMAZON-CLOUDWATCH

Related Questions in AMAZON-CLOUDTRAIL

Popular Questions

Popular Tags

Trending Questions