2021-01-29 16:21:17 +08:00
|
|
|
# Overview
|
|
|
|
|
This module performs the following tasks:
|
|
|
|
|
|
2022-09-05 11:07:42 +08:00
|
|
|
- Enable AWS config in all regions
|
|
|
|
|
- Deploy CIS1.4 level 1 conformance pack
|
|
|
|
|
- Set Config retention period
|
|
|
|
|
- Setup Config aggregator, aggregate Config in all regions into primary region
|
2021-01-29 16:21:17 +08:00
|
|
|
- Create s3 bucket for config use
|
|
|
|
|
|
|
|
|
|
## Inputs:
|
|
|
|
|
| Name | Description | Type | Default | Required |
|
|
|
|
|
|------|-------------|------|---------|:-----:|
|
|
|
|
|
| application | name of application | string | none | yes |
|
|
|
|
|
| environment | capacity of environment (prd/dev/lab) | string | none | yes |
|
|
|
|
|
| customer-name | owner of aws resources | string | none | yes |
|
|
|
|
|
| project | name of project | string | none | yes |
|
|
|
|
|
| default-tags | tags to be added to resources | list | none | yes |
|
|
|
|
|
| aws-region-short | short name of aws region (e.g. apne1) | string | none | yes |
|
|
|
|
|
|
2022-09-05 11:07:42 +08:00
|
|
|
# Notes
|
|
|
|
|
It takes a while for AWS to process Config changes.
|
