CloudTrail auditor
Project description
probator-auditor-cloudtrail
Please open issues in the Probator repository
Description
This auditor ensures that CloudTrail:
- Is enabled globally on multi-region
- Logs to a central location
- Has SNS/SQS notifications enabled and being sent to the correct queues
- Regional trails (of our chosen name) are not enabled
Configuration Options
Option name | Default Value | Type | Description |
---|---|---|---|
enabled | False | bool | Enable the CloudTrail auditor |
interval | 60 | int | Run frequency in minutes |
bucket_account | None | string | Name of the S3 bucket to send CloudTrail logs to |
bucket_name | None | string | Name of account to create the S3 bucket in |
bucket_region | us-west-2 | string | Region to create S3 bucket in |
cloudtrail_region | us-west-2 | string | Region to create CloudTrail in |
sns_topic_name | None | string | SNS topic name for CloudTrail log delivery |
sqs_queue_account | None | string | Name of account of SQS queue for CloudTrail log delivery notifications |
sqs_queue_name | None | string | SQS queue name |
sqs_queue_region | us-west-2 | string | Region for the SQS queue |
trail_name | us-west-2 | string | Name of the trail to create |
Based on the work by Riot Games' Cloud Inquisitor
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for probator-auditor-cloudtrail-1.0.2.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 24f0cf902f40f8612bd738d0b5e0da91bbd93b9d24d4081876d26790fd48b164 |
|
MD5 | 3a61d7eb9662fff89e878a8742f2a221 |
|
BLAKE2b-256 | 97b84c5619c0c89db9e189882373663741c228aff4ccbb6b12677355560b61d5 |