It includes setting up a group with the policies allowing use of GuardDuty, and an S3 bucket.
A terraform module to create a manage Guarduty across multiple regions through the Terraform.
Read the AWS docs on Guarduty.
| Branch | Build status |
|---|---|
- You want to enable Guarduty in one region at a time
- Need comprehensive threat identiifacitn
- You'are onboarding an account that hasn't been enabled yet
module "guarduty" {
source = "<your_source"
aws_account_id = 000000
users = "['admin']"
aws_region = "eu-west-2"
}- SecurityHub: High level Overview of the components
Code formatting and documentation for variables and outputs is generated using pre-commit-terraform hooks which uses terraform-docs.
Follow these instructions to install pre-commit locally.
And install terraform-docs with go get github.com/segmentio/terraform-docs or brew install terraform-docs.
Testing and using this repo requires a minimum set of IAM permissions. Test permissions are listed in the iam README.
Created and maintained by Alessio Garofalo
MIT Licensed. See LICENSE for full details.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws_account_id | The ID of the AWS account to use | string | n/a | yes |
| aws_region | Which region are we running the module against | string | n/a | yes |
| bucket_prefix | The prefix to use for the s3 bucket | string | "security" |
no |
| group_name | The name of guardDuty admins | string | "guardduty-admin" |
no |
| tags | map | <map> |
no | |
| users | A list of string, where you can specify your members | list | n/a | yes |
| Name | Description |
|---|---|
| bucket_arn | |
| guardduty_account_id | |
| guardduty_id |