Skip to content

alarm-baseline

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

alarm-baseline

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
main.tf
main.tf
 
 
migrations.tf
migrations.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

README.md

alarm-baseline

Set up CloudWatch alarms to notify you when critical changes happen in your AWS account.

Requirements

Name Version
terraform >= 1.1.4
aws >= 4.3

Providers

Name Version
aws >= 4.3

Inputs

Name Description Type Required
cloudtrail_log_group_name The name of the CloudWatch Logs group to which CloudTrail events are delivered. string yes
alarm_namespace The namespace in which all alarms are set up. string no
aws_config_changes_enabled The boolean flag whether the aws_config_changes alarm is enabled or not. No resources are created when set to false. bool no
cloudtrail_cfg_changes_enabled The boolean flag whether the cloudtrail_cfg_changes alarm is enabled or not. No resources are created when set to false. bool no
console_signin_failures_enabled The boolean flag whether the console_signin_failures alarm is enabled or not. No resources are created when set to false. bool no
disable_or_delete_cmk_enabled The boolean flag whether the disable_or_delete_cmk alarm is enabled or not. No resources are created when set to false. bool no
iam_changes_enabled The boolean flag whether the iam_changes alarm is enabled or not. No resources are created when set to false. bool no
mfa_console_signin_allow_sso The boolean flag whether the no_mfa_console_signin alarm allows SSO auth to be ignored. bool no
nacl_changes_enabled The boolean flag whether the nacl_changes alarm is enabled or not. No resources are created when set to false. bool no
network_gw_changes_enabled The boolean flag whether the network_gw_changes alarm is enabled or not. No resources are created when set to false. bool no
no_mfa_console_signin_enabled The boolean flag whether the no_mfa_console_signin alarm is enabled or not. No resources are created when set to false. bool no
organizations_changes_enabled The boolean flag whether the organizations_changes alarm is enabled or not. No resources are created when set to false. bool no
root_usage_enabled The boolean flag whether the root_usage alarm is enabled or not. No resources are created when set to false. bool no
route_table_changes_enabled The boolean flag whether the route_table_changes alarm is enabled or not. No resources are created when set to false. bool no
s3_bucket_policy_changes_enabled The boolean flag whether the s3_bucket_policy_changes alarm is enabled or not. No resources are created when set to false. bool no
security_group_changes_enabled The boolean flag whether the security_group_changes alarm is enabled or not. No resources are created when set to false. bool no
sns_topic_kms_master_key_id To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption string no
sns_topic_name The name of the SNS Topic which will be notified when any alarm is performed. string no
tags Specifies object tags key and value. This applies to all resources created by this module. map(string) no
unauthorized_api_calls_enabled The boolean flag whether the unauthorized_api_calls alarm is enabled or not. No resources are created when set to false. bool no
vpc_changes_enabled The boolean flag whether the vpc_changes alarm is enabled or not. No resources are created when set to false. bool no

Outputs

Name Description
alarm_sns_topic The SNS topic to which CloudWatch Alarms will be sent.