Enable S3 Bucket Object level events to CloudTrail trail and forward object level events to CloudWatch log group in terraform?

589 Views Asked by Judy007 At 10 April 2025 at 17:49

I have an existing s3 bucket, say BucketName1, and I want to enable cloud trail logs for s3 object level events. Id like to forward the S3 Object level events to CloudTrail event logs through to an existing CloudWatch logs log group.

How can I achieve this with Terraform configuration alone?

I have already created my bucket using

resource "aws_s3_bucket" "bucket1"

Original Q&A

There are 1 best solutions below

Judy007 On 08 December 2020 at 22:04

 resource "aws_cloudtrail" "trail1" {
  name                          = "TrailName1"
  s3_bucket_name                = aws_s3_bucket.bucket1.id

  event_selector {
    read_write_type           = "All"
    include_management_events = false

    data_resource {
      type = "AWS::S3::Object"
      values = ["${aws_s3_bucket.bucket1.arn}/"]
    }
  }

  cloud_watch_logs_group_arn = "${aws_cloudwatch_log_group.logGroup1.arn}:*"
  cloud_watch_logs_role_arn = aws_iam_role.role1.arn
}

Enable S3 Bucket Object level events to CloudTrail trail and forward object level events to CloudWatch log group in terraform?

There are 1 best solutions below

Related Questions in AMAZON-WEB-SERVICES

Related Questions in TERRAFORM

Related Questions in AMAZON-CLOUDWATCH

Related Questions in AMAZON-CLOUDTRAIL

Trending Questions

Popular # Hahtags

Popular Questions