Skip to main content
Join the official 2020 Python Developers SurveyStart the survey!

CloudTrail auditor

Project description

probator-auditor-cloudtrail

Please open issues in the Probator repository

Description

This auditor ensures that CloudTrail:

  • Is enabled globally on multi-region
  • Logs to a central location
  • Has SNS/SQS notifications enabled and being sent to the correct queues
  • Regional trails (of our chosen name) are not enabled

Configuration Options

Option name Default Value Type Description
bucket_name None string Name of the S3 bucket to send CloudTrail logs to
bucket_region us-west-2 string Region to create S3 bucket in
cloudtrail_region us-west-2 string Region to create CloudTrail in
enabled False bool Enable the CloudTrail auditor
interval 60 int Run frequency in minutes
resource_tags None list List of tags, in key=value format. Empty value disabled tag management
s3_archive_days 31 int Days after which files go to cold storage. Empty or 0 value to disable
s3_kms_key_id None string KMS Key ID for S3 SSE encryption. If empty, uses the default AWS KMS Key
sns_topic_name None string SNS topic name for CloudTrail log delivery
sqs_queue_arn None string ARN of the SQS queue receiving log notifications
trail_name us-west-2 string Name of the trail to create

Based on the work by Riot Games' Cloud Inquisitor

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for probator-auditor-cloudtrail, version 1.1.1
Filename, size File type Python version Upload date Hashes
Filename, size probator-auditor-cloudtrail-1.1.1.tar.gz (7.9 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page