This document provides guidelines and instructions for users looking to implement Terraform module for managing administering Cloud Custodian.
The terraform-aws-arc-security module provides a secure and modular foundation for managing Security Hub components.
Before using this module, ensure you have the following:
- AWS credentials configured.
- Terraform installed.
- Python 3.8 or above installed.
- Pip installed.
To use the module in your Terraform configuration, include the following source block:
module "cloud_security" {
source = "sourcefuse/arc-cloud-custodian/aws"
version = "0.0.6"
# insert the required variables here
}Refer to the Terraform Registry for the latest version.
Integrate the module with your existing Terraform mono repo configuration, follow the steps below:
- Create a new folder in
terraform/namedcloud-custodian. - Create the required files, see the examples to base off of.
- Configure with your backend
- Create the environment backend configuration file:
config.<environment>.hcl- region: Where the backend resides
- key:
<working_directory>/terraform.tfstate - bucket: Bucket name where the terraform state will reside
- dynamodb_table: Lock table so there are not duplicate tfplans in the mix
- encrypt: Encrypt all traffic to and from the backend
Ensure that the AWS credentials used to execute Terraform have the necessary permissions to set up a cloud custodian infrastructure on AWS.
For a list of input variables, see the README Inputs section.
For a list of outputs, see the README Outputs section.
For basic usage, see the example folder.
This example will create:
The CloudTrail Terraform module by CloudPosse simplifies the implementation and management of AWS CloudTrail configurations.
By leveraging the hashicorp/aws Terraform provider, this module allows users to effortlessly deploy CloudTrail with customizable settings, such as log file validation, event selectors, and multi-region trail support.
The module ensures comprehensive visibility into AWS account activity by associating CloudTrail with an S3 bucket for log storage, and provides flexibility in defining IAM roles and policies.
With built-in tagging and dependency management, this CloudTrail module offers a streamlined solution for enhancing AWS security and compliance.
The module focuses on setting up a cloud custodian infrastructure on AWS. Adjust the configuration parameters as needed for your specific use case.
If you encounter a bug or issue, please report it on the GitHub repository.
Understand the security considerations related to Cloud Custodian when using this module.
Follow best practices to ensure best Security configurations. Cloud Custodian on AWS
Contribute to the module by following the guidelines outlined in the CONTRIBUTING.md file.
If you find a bug or issue, report it on the GitHub repository.
This module is licensed under the Apache 2.0 license. Refer to the LICENSE file for more details.
Contribute to open source by using and enhancing this module. Your contributions are welcome!