Skip to content

plus3it/terraform-aws-tardigrade-config-rules

BranchesTags

Repository files navigation

terraform-aws-tardigrade-config-rules

Terraform module to setup config rules

Testing

Manual testing:

# Replace "xxx" with an actual AWS profile, then execute the integration tests.
export AWS_PROFILE=xxx 
make terraform/pytest PYTEST_ARGS="-v --nomock"

For automated testing, PYTEST_ARGS is optional and no profile is needed:

make mockstack/up
make terraform/pytest PYTEST_ARGS="-v"
make mockstack/clean

Requirements

Name Version
terraform >= 0.13
aws >= 4.0

Providers

Name Version
aws >= 4.0

Resources

Name Type
aws_caller_identity.this data source
aws_iam_policy.custom_lambda data source
aws_iam_policy_document.custom_lambda data source
aws_partition.this data source

Inputs

Name Description Type Default Required
config_recorder_id ID of the config recorder in the account. Required to address the implicit dependency on the config recorder string n/a yes
config_rule Object of attributes for the config rule resource, see https://www.terraform.io/docs/providers/aws/r/config_config_rule.html#argument-reference. When owner is AWS, set source_identifer to the AWS predefined identifier for the rule. When owner is CUSTOM_LAMBDA, set source_identifier to null and it will be set to the ARN of the lambda function 
object({
    description                 = string
    input_parameters            = string
    maximum_execution_frequency = string
    name                        = string
    owner                       = string
    source_identifier           = string
    tags                        = map(string)
    scope = object({
      compliance_resource_id    = string
      compliance_resource_types = list(string)
      tag_key                   = string
      tag_value                 = string
    })
    source_details = list(object({
      message_type = string
    }))
  })
 n/a yes
lambda Object of attributes for the lambda supporting a custom config rule, see https://www.terraform.io/docs/providers/aws/r/lambda_function.html#argument-reference. Required when config_rule.owner is CUSTOM_LAMBDA 
object({
    description                    = string
    handler                        = string
    name                           = string
    policy                         = string
    runtime                        = string
    source_path                    = string
    reserved_concurrent_executions = number
    tags                           = map(string)
    timeout                        = number
  })
 
{
  "description": null,
  "handler": null,
  "name": null,
  "policy": null,
  "reserved_concurrent_executions": null,
  "runtime": null,
  "source_path": null,
  "tags": null,
  "timeout": null
}
 no

Outputs

Name Description
config_rule AWS Config Rule object

About

Terraform module to setup config rules

Topics

terraform tardigrade

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

5 watching

Forks

7 forks
Report repository

Releases 16

4.0.0 Latest
Aug 10, 2022
+ 15 releases

Packages

No packages published

Contributors 12

Languages