diff --git a/terraform/platform/lambdas/main.tf b/terraform/platform/lambdas/main.tf
index 8354e39..1e1e86a 100644
--- a/terraform/platform/lambdas/main.tf
+++ b/terraform/platform/lambdas/main.tf
@@ -854,10 +854,8 @@ resource "aws_cloudwatch_event_rule" "compliance_reporter_trigger" {
 detail-type = ["AWS API Call via CloudTrail"]
 detail = {
 eventName = [
- "CreateBucket", "RunInstances", "CreateDBInstance",
- "CreateService", "CreateFunction20150331", "CreateLoadBalancer",
- "CreateSecurityGroup", "CreateNatGateway", "CreateVpc", "CreateSubnet",
- "CreateTargetGroup",
+ { "prefix" : "Create" },
+ { "prefix" : "Run" },
 ]
 }
 })
diff --git a/terraform/platform/monitoring/main.tf b/terraform/platform/monitoring/main.tf
index c5f461a..e041895 100644
--- a/terraform/platform/monitoring/main.tf
+++ b/terraform/platform/monitoring/main.tf
@@ -88,10 +88,11 @@ resource "aws_cloudwatch_event_rule" "iam_changes" {
 detail = {
 eventSource = ["iam.amazonaws.com"]
 eventName = [
- "CreateRole", "DeleteRole",
- "PutRolePolicy", "AttachRolePolicy",
- "DetachRolePolicy", "DeleteRolePolicy",
- "CreatePolicy", "DeletePolicy",
+ { "prefix" : "Create" },
+ { "prefix" : "Delete" },
+ { "prefix" : "Put" },
+ { "prefix" : "Attach" },
+ { "prefix" : "Detach" },
 ]
 }
 })
@@ -166,9 +167,8 @@ resource "aws_cloudwatch_event_rule" "resource_creation" {
 detail-type = ["AWS API Call via CloudTrail"]
 detail = {
 eventName = [
- "CreateBucket", "RunInstances", "CreateDBInstance",
- "CreateService", "CreateFunction", "CreateQueue",
- "CreateTable", "CreateLoadBalancer",
+ { "prefix" : "Create" },
+ { "prefix" : "Run" },
 ]
 }
 })
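Review bot: The `{ "prefix" : "Create" }` and `{ "prefix" : "Run" }` matchers in `compliance_reporter_trigger` are not scoped by service: the `detail` block visible here holds only `eventName`, so every Create*/Run* management call in the account matches, which may include routine ones such as `CreateLogStream` or `CreateNetworkInterface`. If the reporter Lambda or its logging produces such calls itself, the rule could re-trigger its own target, and the extra volume can throttle the function and bury the events the compliance report is meant to capture. Add a service allow-list next to the prefixes, e.g. `eventSource = ["s3.amazonaws.com", "ec2.amazonaws.com", "rds.amazonaws.com", "ecs.amazonaws.com", "lambda.amazonaws.com", "elasticloadbalancing.amazonaws.com"]`. The same applies to `resource_creation` and `resource_modification` in monitoring/main.tf; the rule bodies start above each hunk, so a top-level `source` filter may exist that is not visible here.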
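Review bot: The prefix list in `iam_changes` still leaves security-relevant IAM mutations unmatched: `UpdateAssumeRolePolicy` (trust-policy edits), `UpdateLoginProfile`, `AddUserToGroup`, `RemoveUserFromGroup` and `SetDefaultPolicyVersion` start with none of the five prefixes. Because this rule is already scoped by `eventSource = ["iam.amazonaws.com"]`, widening it adds little noise; consider adding `{ "prefix" : "Update" }, { "prefix" : "Add" }, { "prefix" : "Remove" }, { "prefix" : "Set" },`. A short comment above `eventName` stating the intended coverage, and that prefix matching is case-sensitive, would help the next editor. The resource block starts above the hunk.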
@@ -196,10 +196,11 @@ resource "aws_cloudwatch_event_rule" "resource_modification" {
 detail-type = ["AWS API Call via CloudTrail"]
 detail = {
 eventName = [
- "ModifyDBInstance",
- "DeleteBucket",
- "StopInstances", "TerminateInstances",
- "DeleteService", "DeleteFunction",
+ { "prefix" : "Modify" },
+ { "prefix" : "Update" },
+ { "prefix" : "Delete" },
+ { "prefix" : "Stop" },
+ { "prefix" : "Terminate" },
 ]
 }
 })
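Review bot: `{ "prefix" : "Delete" }` in `resource_modification` overlaps with the same matcher in `iam_changes`: with no `eventSource` inside this `detail` block, every IAM Delete* call appears to match both rules, so the same event would reach responders twice through two paths. Either scope this rule to the resource services it is meant to watch or exclude IAM, e.g. `eventSource = [{ "anything-but" : ["iam.amazonaws.com"] }]`. A comment above `eventName` stating which rule owns IAM events would keep the two from drifting. The rule body starts above the hunk, so its targets and any top-level filter are not visible.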