terraform.aws-baseline-infra/modules/security_identity_compliance/aws_config
2022-09-05 11:07:42 +08:00
..
cis-rules.tf-no UPD: remove deprecated code in infra-bucket, revamped Config module 2022-09-05 11:07:42 +08:00
main.tf UPD: remove deprecated code in infra-bucket, revamped Config module 2022-09-05 11:07:42 +08:00
outputs.tf NEW: awsconfig and s3 module 2021-01-29 16:21:17 +08:00
README.md UPD: remove deprecated code in infra-bucket, revamped Config module 2022-09-05 11:07:42 +08:00
variables.tf UPD: remove deprecated code in infra-bucket, revamped Config module 2022-09-05 11:07:42 +08:00

Overview

This module performs the following tasks:

  • Enable AWS config in all regions
  • Deploy CIS1.4 level 1 conformance pack
  • Set Config retention period
  • Setup Config aggregator, aggregate Config in all regions into primary region
  • Create s3 bucket for config use

Inputs:

Name Description Type Default Required
application name of application string none yes
environment capacity of environment (prd/dev/lab) string none yes
customer-name owner of aws resources string none yes
project name of project string none yes
default-tags tags to be added to resources list none yes
aws-region-short short name of aws region (e.g. apne1) string none yes

Notes

It takes a while for AWS to process Config changes.