Skip to content

plus3it/terraform-aws-tardigrade-config-rules

1 Branch16 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

lorengordonlorengordon
Merge pull request #167 from lorengordon/ci-fix
Aug 10, 2022
e118578 · Aug 10, 2022

History

308 Commits
.github
.github
Jul 21, 2021
tests
tests
Jul 28, 2022
.bumpversion.cfg
.bumpversion.cfg
Aug 1, 2022
.editorconfig
.editorconfig
Jul 13, 2021
.gitignore
.gitignore
Jul 13, 2021
.mergify.yml
.mergify.yml
Oct 17, 2019
.travis.yml
.travis.yml
Aug 10, 2022
CHANGELOG.md
CHANGELOG.md
Sep 15, 2020
Dockerfile
Dockerfile
Jul 14, 2022
LICENSE
LICENSE
Aug 26, 2019
Makefile
Makefile
Jul 11, 2022
README.md
README.md
Aug 1, 2022
main.tf
main.tf
Aug 1, 2022
outputs.tf
outputs.tf
Sep 15, 2020
variables.tf
variables.tf
Sep 4, 2020
versions.tf
versions.tf
Aug 1, 2022

Repository files navigation

terraform-aws-tardigrade-config-rules

Terraform module to setup config rules

Testing

Manual testing:

# Replace "xxx" with an actual AWS profile, then execute the integration tests.
export AWS_PROFILE=xxx 
make terraform/pytest PYTEST_ARGS="-v --nomock"

For automated testing, PYTEST_ARGS is optional and no profile is needed:

make mockstack/up
make terraform/pytest PYTEST_ARGS="-v"
make mockstack/clean

Requirements

Name Version
terraform >= 0.13
aws >= 4.0

Providers

Name Version
aws >= 4.0

Resources

Name Type
aws_caller_identity.this data source
aws_iam_policy.custom_lambda data source
aws_iam_policy_document.custom_lambda data source
aws_partition.this data source

Inputs

Name Description Type Default Required
config_recorder_id ID of the config recorder in the account. Required to address the implicit dependency on the config recorder string n/a yes
config_rule Object of attributes for the config rule resource, see https://www.terraform.io/docs/providers/aws/r/config_config_rule.html#argument-reference. When owner is AWS, set source_identifer to the AWS predefined identifier for the rule. When owner is CUSTOM_LAMBDA, set source_identifier to null and it will be set to the ARN of the lambda function 
object({
    description                 = string
    input_parameters            = string
    maximum_execution_frequency = string
    name                        = string
    owner                       = string
    source_identifier           = string
    tags                        = map(string)
    scope = object({
      compliance_resource_id    = string
      compliance_resource_types = list(string)
      tag_key                   = string
      tag_value                 = string
    })
    source_details = list(object({
      message_type = string
    }))
  })
 n/a yes
lambda Object of attributes for the lambda supporting a custom config rule, see https://www.terraform.io/docs/providers/aws/r/lambda_function.html#argument-reference. Required when config_rule.owner is CUSTOM_LAMBDA 
object({
    description                    = string
    handler                        = string
    name                           = string
    policy                         = string
    runtime                        = string
    source_path                    = string
    reserved_concurrent_executions = number
    tags                           = map(string)
    timeout                        = number
  })
 
{
  "description": null,
  "handler": null,
  "name": null,
  "policy": null,
  "reserved_concurrent_executions": null,
  "runtime": null,
  "source_path": null,
  "tags": null,
  "timeout": null
}
 no

Outputs

Name Description
config_rule AWS Config Rule object

About

Terraform module to setup config rules

Topics

terraform tardigrade

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

7 watching

Forks

7 forks
Report repository

Releases 16

4.0.0 Latest
Aug 10, 2022
+ 15 releases

Packages

No packages published

Contributors 12

Languages