clickops-notifier
cloudandthings/clickops-notifier/aws
Get notified when actions are taken in the AWS Console.
 AWS ClickOps Notifier Get notified when users are taking actions in the AWS Console. More here 🏗️ Module Usage It is not strictly a requirement, that you use this with AWS ControlTower. The module has only been tested in the Log Archive account that ships with AWS ControlTower. Setup your AWS credentails such that aws sts get-caller-identity | grep Account gives you your ControlTower Log Archive account id. Organizational Mode vs Standalone Mode If your account is part of an AWS Organization that does not use centralized CloudTrail logging or that does not want to monitor ClickOps at an organizational level, you can deploy ClickOps in standalone mode in a single account. For standalone m
| Name | Type | Description | Default |
|---|---|---|---|
| excluded_scoped_actions_effect | string | Should the existing exluded actions be replaces or appended to. By default it wi | "APPEND" |
| lambda_memory_size | number | The amount of memory for Lambda to use | "128" |
| iam_role_arn | string | Existing IAM role ARN for the lambda. Required if `create_iam_role` is set to `f | null |
| excluded_users | list(string) | List of email addresses will not be reported on when practicing ClickOps. | [] |
| lambda_deployment_s3_key | string | S3 object key for lambda deployment package. Otherwise, defaults to `var.naming_ | null |
| subcription_filter_distribution | string | The method used to distribute log data to the destination. By default log data i | "Random" |
| log_retention_in_days | number | Number of days to keep CloudWatch logs | 14 |
| naming_prefix | string | Resources will be prefixed with this | "clickops-notifier" |
| cloudtrail_bucket_notifications_sns_arn | string | SNS topic ARN for bucket notifications. If not provided, a new SNS topic will be | null |
| event_batch_size | number | Batch events into chunks of `event_batch_size` | 100 |
| lambda_log_level | string | Lambda logging level. One of: `["DEBUG", "INFO", "WARN", "ERROR"]`. | "WARN" |
| create_iam_role | bool | Determines whether a an IAM role is created or to use an existing IAM role | true |
| standalone | bool | Deploy ClickOps in a standalone account instead of into an entire AWS Organizati | false |
| included_accounts | list(string) | List of accounts that be scanned to manual actions. If empty will scan all accou | [] |
| excluded_accounts | list(string) | List of accounts that be excluded for scans on manual actions. These take precid | [] |
| event_processing_timeout | number | Maximum number of seconds the lambda is allowed to run and number of seconds eve | 60 |
| excluded_scoped_actions | list(string) | A list of service scoped actions that will not be alerted on. Format {{service}} | [] |
| lambda_deployment_s3_bucket | string | S3 bucket for lambda deployment package. | null |
| additional_iam_policy_statements | any | Map of dynamic policy statements to attach to Lambda Function role | {} |
| included_users | list(string) | List of emails that be scanned to manual actions. If empty will scan all emails. | [] |
sns_topic — Expose the bucket notification SNS detailssqs_queue — Expose the bucket notification SQS detailsclickops_notifier_lambda — Expose all the outputs from the lambda moduleAzure landing zones Terraform module
Terraform supermodule for the Terraform platform engineering for Azure
Terraform module to deploy landing zone subscriptions (and much more) in Azure
Terraform Module to define a consistent naming convention by (namespace, stage,