github.com/jmbataller/terraform@v0.6.8-0.20151125192640-b7a12e3a580c/website/source/docs/providers/aws/r/cloudtrail.html.markdown

github.com/jmbataller/terraform@v0.6.8-0.20151125192640-b7a12e3a580c/website/source/docs/providers/aws/r/cloudtrail.html.markdown (about)

     1  ---
     2  layout: "aws"
     3  page_title: "AWS: cloudtrail"
     4  sidebar_current: "docs-aws-resource-cloudtrail"
     5  description: |-
     6    Provides a CloudTrail resource.
     7  ---
     8  
     9  # aws\_cloudtrail
    10  
    11  Provides a CloudTrail resource.
    12  
    13  ## Example Usage
    14  ```
    15  resource "aws_cloudtrail" "foobar" {
    16      name = "tf-trail-foobar"
    17      s3_bucket_name = "${aws_s3_bucket.foo.id}"
    18      s3_key_prefix = "/prefix"
    19      include_global_service_events = false
    20  }
    21  
    22  resource "aws_s3_bucket" "foo" {
    23      bucket = "tf-test-trail"
    24      force_destroy = true
    25      policy = <<POLICY
    26  {
    27      "Version": "2012-10-17",
    28      "Statement": [
    29          {
    30              "Sid": "AWSCloudTrailAclCheck",
    31              "Effect": "Allow",
    32              "Principal": "*",
    33              "Action": "s3:GetBucketAcl",
    34              "Resource": "arn:aws:s3:::tf-test-trail"
    35          },
    36          {
    37              "Sid": "AWSCloudTrailWrite",
    38              "Effect": "Allow",
    39              "Principal": "*",
    40              "Action": "s3:PutObject",
    41              "Resource": "arn:aws:s3:::tf-test-trail/*",
    42              "Condition": {
    43                  "StringEquals": {
    44                      "s3:x-amz-acl": "bucket-owner-full-control"
    45                  }
    46              }
    47          }
    48      ]
    49  }
    50  POLICY
    51  }
    52  ```
    53  
    54  ## Argument Reference
    55  
    56  The following arguments are supported:
    57  
    58  * `name` - (Required) Specifies the name of the trail.
    59  * `s3_bucket_name` - (Required) Specifies the name of the S3 bucket designated for publishing log files.
    60  * `s3_key_prefix` - (Optional) Specifies the S3 key prefix that precedes
    61      the name of the bucket you have designated for log file delivery.
    62  * `cloud_watch_logs_role_arn` - (Optional) Specifies the role for the CloudWatch Logs
    63      endpoint to assume to write to a user’s log group.
    64  * `cloud_watch_logs_group_arn` - (Optional) Specifies a log group name using an Amazon Resource Name (ARN),
    65      that represents the log group to which CloudTrail logs will be delivered.
    66  * `enable_logging` - (Optional) Enables logging for the trail. Defaults to `true`.
    67      Setting this to `false` will pause logging.
    68  * `include_global_service_events` - (Optional) Specifies whether the trail is publishing events
    69      from global services such as IAM to the log files. Defaults to `true`.
    70  * `sns_topic_name` - (Optional) Specifies the name of the Amazon SNS topic
    71      defined for notification of log file delivery.
    72  
    73  ## Attribute Reference
    74  
    75  The following attributes are exported:
    76  
    77  * `id` - The name of the trail.