Requirements

Name	Version
terraform	>= 0.13.1
aws	>= 4.8
external	>= 1.0
local	>= 1.0
null	>= 2.0

Providers

Name	Version
aws	>= 4.8

Modules

Name	Source	Version
cloudtrail_to_slack_dynamodb_table	terraform-aws-modules/dynamodb-table/aws	4.0.1
lambda	terraform-aws-modules/lambda/aws	4.18.0

Resources

Name	Type
aws_cloudwatch_log_subscription_filter.cloudwatch_logs_to_slack	resource
aws_iam_policy.s3	resource
aws_iam_policy.ssm	resource
aws_iam_role_policy_attachment.s3	resource
aws_iam_role_policy_attachment.ssm	resource
aws_lambda_permission.cloudwatch_logs	resource
aws_sns_topic.events_to_sns	resource
aws_sns_topic_subscription.events_to_sns	resource
aws_ssm_parameter.bot_token	resource
aws_ssm_parameter.slack_config	resource
aws_caller_identity.current	data source
aws_cloudwatch_log_group.logs	data source
aws_iam_policy_document.s3	data source
aws_iam_policy_document.ssm	data source
aws_partition.current	data source
aws_region.current	data source

Inputs

Name	Description	Type	Default	Required
aws_sns_topic_subscriptions	Map of endpoints to protocols for SNS topic subscriptions. If not set, sns notifications will not be sent.	map(string)	{}	no
cloudtrail_cw_log_group	Name of the CloudWatch log group that contains CloudTrail events	string	n/a	yes
cloudtrail_logs_kms_key_id	Alias, key id or key arn of the KMS Key that used for CloudTrail events	string	""	no
configuration	Allows the configuration of the Slack webhook URL per account(s). This enables the separation of events from different accounts into different channels, which is useful in the context of an AWS organization.	list(object({ accounts = list(string) slack_channel_id = string }))	null	no
dead_letter_target_arn	The ARN of an SNS topic or SQS queue to notify when an invocation fails.	string	null	no
default_slack_channel_id	The Slack channel ID to be used if the AWS account ID does not match any account ID in the configuration variable.	string	null	no
default_slack_hook_url	The Slack incoming webhook URL to be used if the AWS account ID does not match any account ID in the configuration variable.	string	null	no
default_sns_topic_arn	Default topic for all notifications. If not set, sns notifications will not be sent.	string	null	no
dynamodb_time_to_live	How long to keep cloudtrail events in dynamodb table, for collecting similar events in thread of one message	number	900	no
events_to_track	Comma-separated list events to track and report	string	""	no
function_name	Lambda function name	string	"fivexl-cloudtrail-to-slack"	no
ignore_rules	Comma-separated list of rules to ignore events if you need to suppress something. Will be applied before rules and default_rules	string	""	no
lambda_logs_retention_in_days	Controls for how long to keep lambda logs.	number	30	no
lambda_memory_size	Amount of memory in MB your Lambda Function can use at runtime. Valid value between 128 MB to 10,240 MB (10 GB), in 64 MB increments.	number	256	no
lambda_recreate_missing_package	Description: Whether to recreate missing Lambda package if it is missing locally or not	bool	true	no
lambda_timeout_seconds	Controls lambda timeout setting.	number	60	no
log_level	Log level for lambda function	string	"INFO"	no
rule_evaluation_errors_to_slack	If rule evaluation error occurs, send notification to slack	bool	true	no
rules	Comma-separated list of rules to track events if just event name is not enough	string	""	no
rules_separator	Custom rules separator. Can be used if there are commas in the rules	string	","	no
sns_configuration	Allows the configuration of the SNS topic per account(s).	list(object({ accounts = list(string) sns_topic_arn = string }))	null	no
sns_topic_pattern	SNS topic pattern with 'ACCOUNT_ID' as a account id placeholder	any	null	no
tags	Tags to attach to resources	map(string)	{}	no
use_default_rules	Should default rules be used	bool	true	no

Outputs

Name	Description
lambda_function_arn	The ARN of the Lambda Function
lambda_function_name	The Name of the Lambda Function
lambda_function_role_arn	The ARN of the Lambda Function Role