exposed_iam_credentials_disabler

Disable exposed IAM credentials

This module sets up a lambda that will disable an IAM access key triggered by an AWS Health notification with the AWS_RISK_CREDENTIALS_EXPOSED event type.

Requirements

No requirements.

Providers

Name	Version
archive	n/a
aws	n/a

Modules

No modules.

Resources

Name	Type
aws_cloudwatch_event_rule.exposed_iam_credential_found_rule	resource
aws_cloudwatch_event_target.disable_exposed_iam_credential	resource
aws_cloudwatch_log_group.disable_exposed_iam_credential_lambda	resource
aws_iam_policy.disable_exposed_iam_credential_lambda	resource
aws_iam_role.disable_exposed_iam_credential_lambda	resource
aws_iam_role_policy_attachment.disable_exposed_iam_credential_lambda	resource
aws_lambda_function.disable_exposed_iam_credential	resource
aws_lambda_permission.disable_exposed_iam_credential_events	resource
archive_file.disable_exposed_iam_credential	data source
aws_caller_identity.current	data source
aws_iam_policy_document.disable_exposed_iam_credential_lambda	data source
aws_iam_policy_document.lambda_assume_policy	data source
aws_region.current	data source

Inputs

Name	Description	Type	Default	Required
billing_tag_key	(Optional, default 'CostCentre') The name of the billing tag	string	"CostCentre"	no
billing_tag_value	(Required) The value of the billing tag	string	n/a	yes
function_name	(Required) Name of the Lambda function.	string	"DisableExposedIAMCredential"	no

Outputs

No outputs.