
terraform-aws-root-login-notifications's Introduction

Enables notifications to an SNS topic when someone successfully logs in using the root account via the AWS Console in commercial AWS or using the Administrator user in AWS GovCloud.

Creates the following resources:

  • CloudWatch event rule to filter for console logins with the root account or Administrator user.
  • CloudWatch metric to trigger CW event when console rule is triggered
  • CloudWatch event target to send notifications to an SNS topic (optional)

Usage

module "root-login-notifications" {
  source  = "trussworks/root-login-notifications/aws"
  version = "2.2.0"

  sns_topic_name = "slack-events"
}

Requirements

Name Version
terraform >= 0.13.0
aws >= 3.0

Providers

Name Version
aws >= 3.0

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| alarm_suffix | Suffix to add to the alarm name, used for separating different AWS accounts. | string | "" | no |
| send_sns | If true, sends the message "Successful AWS console login with the root account" to the SNS topic. | bool | false | no |
| sns_topic_name | The name of the SNS topic to send root login notifications. | string | n/a | yes |

Outputs

No output.

PagerDuty Setup

There are two methods to generate root login alerts in PagerDuty.

Method 1: CloudWatch Rule

Use this method if you already have an SNS topic handling existing CloudWatch (CW) Events.

  1. In Terraform (TF) or manually, create a PagerDuty CloudWatch integration.
  2. In TF, ensure that the PagerDuty endpoint provided is subscribed to the SNS topic. For more info see the AWS topic about the proper policy.
  3. Apply this module to the SNS topic.
  4. Test by logging in as root

Method 2: Custom PagerDuty Event

Use this method if you want a dedicated SNS topic for PagerDuty alerts or custom message parsing for advanced PagerDuty features.

  1. In TF or manually, create a PagerDuty Custom Event Transformer CloudWatch
  2. In TF, ensure that the PagerDuty endpoint provided is subscribed to the SNS topic. For more info see the AWS topic about the proper policy.
  3. Apply this module to the SNS topic with send_sns = true, customizing the input_template as needed.
  4. Test by logging in as root
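
Method 2 wired together in Terraform, as an added example that is not part of the module's own documentation: a dedicated SNS topic, a topic policy that lets the CloudWatch Events service publish to it, the PagerDuty HTTPS subscription, and the module call with send_sns = true. The topic name, the resource labels and the pagerduty_endpoint variable are assumptions.

```hcl
# Added example: names below are assumptions, not taken from the module.
variable "pagerduty_endpoint" {
  description = "PagerDuty integration URL (embeds the integration key; keep it out of version control)"
  type        = string
}

# Dedicated topic for root login alerts (Method 2).
resource "aws_sns_topic" "root_login" {
  name = "pagerduty-root-login"
}

# Without this policy the event target's publish is denied and no alert is delivered.
data "aws_iam_policy_document" "events_publish" {
  statement {
    sid       = "AllowCloudWatchEventsPublish"
    effect    = "Allow"
    actions   = ["sns:Publish"]
    resources = [aws_sns_topic.root_login.arn]

    principals {
      type        = "Service"
      identifiers = ["events.amazonaws.com"]
    }
  }
}

resource "aws_sns_topic_policy" "root_login" {
  arn    = aws_sns_topic.root_login.arn
  policy = data.aws_iam_policy_document.events_publish.json
}

# Step 2: subscribe the PagerDuty endpoint to the topic.
resource "aws_sns_topic_subscription" "pagerduty" {
  topic_arn              = aws_sns_topic.root_login.arn
  protocol               = "https"
  endpoint               = var.pagerduty_endpoint
  endpoint_auto_confirms = true
}

# Step 3: point the module at the topic and enable the SNS target.
module "root-login-notifications" {
  source  = "trussworks/root-login-notifications/aws"
  version = "2.2.0"

  sns_topic_name = aws_sns_topic.root_login.name
  send_sns       = true
  # input_template (step 3) is not documented on this page, so it is left at the module default.
}
```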

terraform-aws-root-login-notifications's People

Contributors

chrisgilmerproj, eeeady, kilbergr, mr337, ralren
