Automatically revoke security group changes on SSH and RDP ports (22 and 3389)
This module sets up a lambda that will automatically revert any security group changes that open the SSH and RDP ports.
No requirements.
| Name | Version |
|---|---|
| archive | n/a |
| aws | n/a |
No modules.
| Name | Type |
|---|---|
| aws_cloudwatch_event_rule.sg_change_auto_response_event_rule | resource |
| aws_cloudwatch_event_target.target_sg_change_auto_response_event_rule | resource |
| aws_iam_role.group_change_auto_response_role | resource |
| aws_iam_role_policy.security_group_modification | resource |
| aws_lambda_function.security_group_change_auto_response | resource |
| aws_lambda_permission.security_group_change_auto_response_lambda_permission | resource |
| archive_file.sg_change_auto_response | data source |
| aws_caller_identity.current | data source |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| billing_tag_key | (Optional, default 'CostCentre') The name of the billing tag | string |
"CostCentre" |
no |
| billing_tag_value | (Required) The value of the billing tag | string |
n/a | yes |
| function_name | (Required) Name of the Lambda function. | string |
"security_group_change_auto_response" |
no |
| sns_topic | (Optional, default 'internal-sre-alert') The name of the sns topic to send alerts to | string |
"internal-sre-alert" |
no |
No outputs.