xpk/terraform.aws-baseline-infra
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

UPD: added more resources to roles_iam_resources module

Browse Source
This commit is contained in:
xpk 2021-01-27 11:33:48 +08:00
parent 51458c3d58
commit f28e631344
Signed by: xpk
GPG Key ID: CD4FF6793F09AB86
8 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
layers/security_identity_compliance/job-function-roles/main.tf → layers/security_identity_compliance/iam_roles/main.tf
View File

@ -1,7 +1,7 @@
data aws_caller_identity this {} data aws_caller_identity this {}
module cloudtrail-cwl { module iam-module {
source = "../../../modules/security_identity_compliance/job-function-roles" source = "../../../modules/security_identity_compliance/roles_iam_resources"
application = var.application application = var.application
environment = var.environment environment = var.environment
customer-name = var.customer-name customer-name = var.customer-name

0
layers/security_identity_compliance/job-function-roles/provider.tf → layers/security_identity_compliance/iam_roles/provider.tf
View File

0
layers/security_identity_compliance/job-function-roles/terraform.tfvars → layers/security_identity_compliance/iam_roles/terraform.tfvars
View File

0
layers/security_identity_compliance/job-function-roles/variables.tf → layers/security_identity_compliance/iam_roles/variables.tf
View File

4
modules/security_identity_compliance/roles_iam_resources/access-analyzer.tf Normal file
View File

@ -0,0 +1,4 @@
resource "aws_accessanalyzer_analyzer" "iam-aa" {
analyzer_name = "IAMAcecssAnalyzer"
tags = var.default-tags
}

11
modules/security_identity_compliance/roles_iam_resources/iam-password-policy.tf Normal file
View File

@ -0,0 +1,11 @@
resource "aws_iam_account_password_policy" "password-policy1" {
minimum_password_length = 14
require_lowercase_characters = true
require_numbers = true
require_uppercase_characters = true
require_symbols = true
allow_users_to_change_password = true
max_password_age = 90
password_reuse_prevention = 24
hard_expiry = true
}

0
modules/security_identity_compliance/job-function-roles/main.tf → modules/security_identity_compliance/roles_iam_resources/main.tf
View File

0
modules/security_identity_compliance/job-function-roles/variables.tf → modules/security_identity_compliance/roles_iam_resources/variables.tf
View File