Merge pull request #30 from trussworks/mk-default-cloudtrail-enabled

Have the cloudtrail-enabled check default to true.
trussworks · Jan 15, 2020 · 040a9f1 · 040a9f1
2 parents 15a265c + fb1574f
commit 040a9f1
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -54,7 +54,7 @@ module "aws_config" {
 | check\_approved\_amis\_by\_tag | Enable approved-amis-by-tag rule | string | `"false"` | no |
 | check\_cloud\_trail\_encryption | Enable cloud-trail-encryption-enabled rule | string | `"false"` | no |
 | check\_cloud\_trail\_log\_file\_validation | Enable cloud-trail-log-file-validation-enabled rule | string | `"false"` | no |
-| check\_cloudtrail\_enabled | Enable cloudtrail-enabled rule | string | `"false"` | no |
+| check\_cloudtrail\_enabled | Enable cloudtrail-enabled rule | string | `"true"` | no |
 | check\_ec2\_encrypted\_volumes | Enable ec2-encrypted-volumes rule | string | `"true"` | no |
 | check\_ec2\_volume\_inuse\_check | Enable ec2-volume-inuse-check rule | string | `"true"` | no |
 | check\_eip\_attached | Enable eip-attached rule | string | `"false"` | no |

diff --git a/variables.tf b/variables.tf
@@ -101,7 +101,7 @@ variable "check_multi_region_cloud_trail" {
 
 variable "check_cloudtrail_enabled" {
   description = "Enable cloudtrail-enabled rule"
-  default     = false
+  default     = true
 }
 
 variable "check_cloud_trail_encryption" {
@@ -195,4 +195,4 @@ variable "check_rds_snapshots_public_prohibited" {
 variable "check_s3_bucket_public_write_prohibited" {
   description = "Enable s3-bucket-public-write-prohibited rule"
   default     = true
-}
+}