Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configure resource for creating trail for data events #1

Open
dragonfleas opened this issue Aug 23, 2022 · 0 comments
Open

Configure resource for creating trail for data events #1

dragonfleas opened this issue Aug 23, 2022 · 0 comments
Assignees
@dragonfleas
Labels
enhancement

Comments

@dragonfleas
Copy link
Contributor

dragonfleas commented Aug 23, 2022
edited
Loading

Enhancement - Configure resource for creating trail for data events

It may be necessary in the future to creating a trail for tracking data events in s3 and/or lambda, it should be implemented alongside management events to create parity between the configurations.

Lambda would have creation dependencies if we wanted granular tracking for those events, so more discovery is needed to figure out how to properly implement that.

For s3 event trail tracking, we'd need something like this (basic tracking of all s3 resources):

resource "aws_cloudtrail" "example" {
  # ... other configuration ...

  event_selector {
    read_write_type           = "All"
    include_management_events = true

    data_resource {
      type   = "AWS::S3::Object"
      values = ["arn:aws:s3"]
    }
  }
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dragonfleas dragonfleas

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dragonfleas