-
Notifications
You must be signed in to change notification settings - Fork 34
/
variables.tf
82 lines (69 loc) · 2.23 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
variable "cloudwatch_log_group_name" {
description = "The name of the CloudWatch Log Group that receives CloudTrail events."
default = "cloudtrail-events"
type = string
}
variable "enabled" {
description = "Enables logging for the trail. Defaults to true. Setting this to false will pause logging."
default = true
type = bool
}
variable "log_retention_days" {
description = "Number of days to keep AWS logs around in specific log group."
default = 90
type = string
}
variable "s3_bucket_name" {
description = "The name of the AWS S3 bucket."
type = string
}
variable "org_trail" {
description = "Whether or not this is an organization trail. Only valid in master account."
default = "false"
type = string
}
variable "key_deletion_window_in_days" {
description = "Duration in days after which the key is deleted after destruction of the resource, must be 7-30 days. Default 30 days."
default = 30
type = string
}
variable "trail_name" {
description = "Name for the Cloudtrail"
default = "cloudtrail"
type = string
}
variable "iam_role_name" {
description = "Name for the CloudTrail IAM role"
default = "cloudtrail-cloudwatch-logs-role"
type = string
}
variable "iam_policy_name" {
description = "Name for the CloudTrail IAM policy"
default = "cloudtrail-cloudwatch-logs-policy"
type = string
}
variable "s3_key_prefix" {
description = "S3 key prefix for CloudTrail logs"
default = "cloudtrail"
type = string
}
variable "sns_topic_arn" {
description = "ARN of the SNS topic for notification of log file delivery."
default = ""
type = string
}
variable "tags" {
description = "A mapping of tags to CloudTrail resources."
default = {}
type = map(string)
}
variable "api_call_rate_insight" {
description = "A measurement of write-only management API calls that occur per minute against a baseline API call volume."
default = false
type = bool
}
variable "api_error_rate_insight" {
description = "A measurement of management API calls that result in error codes. The error is shown if the API call is unsuccessful."
default = false
type = bool
}