alarm_namespace |
The namespace in which all alarms are set up. |
string |
"CISBenchmark" |
no |
aws_config_changes_enabled |
The boolean flag whether the aws_config_changes alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
cloudtrail_cfg_changes_enabled |
The boolean flag whether the cloudtrail_cfg_changes alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
cloudtrail_log_group_name |
The name of the CloudWatch Logs group to which CloudTrail events are delivered. |
any |
n/a |
yes |
console_signin_failures_enabled |
The boolean flag whether the console_signin_failures alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
disable_or_delete_cmk_enabled |
The boolean flag whether the disable_or_delete_cmk alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
enabled |
The boolean flag whether this module is enabled or not. No resources are created when set to false. |
bool |
true |
no |
iam_changes_enabled |
The boolean flag whether the iam_changes alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
nacl_changes_enabled |
The boolean flag whether the nacl_changes alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
network_gw_changes_enabled |
The boolean flag whether the network_gw_changes alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
no_mfa_console_signin_enabled |
The boolean flag whether the no_mfa_console_signin alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
organizations_changes_enabled |
The boolean flag whether the organizations_changes alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
root_usage_enabled |
The boolean flag whether the root_usage alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
route_table_changes_enabled |
The boolean flag whether the route_table_changes alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
s3_bucket_policy_changes_enabled |
The boolean flag whether the s3_bucket_policy_changes alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
security_group_changes_enabled |
The boolean flag whether the security_group_changes alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
sns_topic_kms_master_key_id |
To enable SNS Topic encryption enter value with the ID of a custom master KMS key that is used for encryption |
any |
null |
no |
sns_topic_name |
The name of the SNS Topic which will be notified when any alarm is performed. |
string |
"CISAlarm" |
no |
tags |
Specifies object tags key and value. This applies to all resources created by this module. |
map |
{ "Terraform": true } |
no |
unauthorized_api_calls_enabled |
The boolean flag whether the unauthorized_api_calls alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |
vpc_changes_enabled |
The boolean flag whether the vpc_changes alarm is enabled or not. No resources are created when set to false. |
bool |
true |
no |