Terraform AWS Config Rules

Code Quality

Terraform AWS Config Rules

A set of AWS Config rules to be deployed using Terraform. Packed into submodules.

Inputs

Name	Description	Type	Default	Required
acm	A map of Cloudtrail configuration options.	map(object({ enabled = bool }))	n/a	yes
cloudtrail	A map of Cloudtrail configuration options.	map(object({ enabled = bool bucket_id = optional(string) }))	n/a	yes
ec2	A map of EC2 configuration options.	map(object({ enabled = bool }))	n/a	yes
iam	A map of IAM configuration options.	map(object({ enabled = bool }))	`{}`	no
lb	A map of Load Balancer configuration options.	map(object({ enabled = bool }))	`{}`	no
rds	A map of RDS configuration options.	map(object({ enabled = bool }))	`{}`	no
s3	A map of S3 configuration options.	map(object({ enabled = bool }))	`{}`	no
tag	A map of Tag configuration options.	map(object({ enabled = bool }))	`{}`	no
tags	A mapping of tags to assign to all resources.	`map(string)`	`{}`	no
vpc	A map of VPC configuration options.	map(object({ enabled = bool }))	`{}`	no

Outputs

No outputs.

Providers

No providers.

Resources

Examples

Full

module "full-example" {
  source = "../.."

  acm = {
    "acm_certificate_expiration_check" = {
      "enabled" = true
    }
  }

  cloudtrail = {
    "cloudtrail_enabled" = {
      "enabled"   = true
      "bucket_id" = "my-cloudtrail-bucket"
    },
    "cloudtrail_log_file_validation_enabled" = {
      "enabled" = true
    },
  }

  ec2 = {
    "autoscaling_group_elb_healthcheck_required" = {
      "enabled" = true
    },
    "ec2_volume_in_use" = {
      "enabled" = true
    },
    "encrypted_volumes" = {
      "enabled" = true
    },
    "instances_in_vpc" = {
      "enabled" = true
    },
  }

  iam = {
    "iam_policy_no_statements_with_admin_access" = {
      "enabled" = true
    },
    "iam_user_no_policies_check" = {
      "enabled" = true
    },
  }

  lb = {
    "alb_http_to_https_redirection_check" = {
      "enabled" = true
    },
    "elb_acm_certificate_required" = {
      "enabled" = true
    },
  }

  rds = {
    "aurora_last_backup_recovery_point_created" = {
      "enabled" = true
    },
    "db_instance_backup_enabled" = {
      "enabled" = true
    },
    "rds_instance_public_access_check" = {
      "enabled" = true
    },
    "rds_multi_az_support" = {
      "enabled" = true
    },
    "rds_snapshots_public_prohibited" = {
      "enabled" = true
    },
    "rds_storage_encrypted" = {
      "enabled" = true
    },
  }

  s3 = {
    "s3_bucket_public_read_prohibited" = {
      "enabled" = true
    },
  }

  tag = {
    "required_tags" = {
      "enabled" = true
    },
  }

  vpc = {
    "eip_attached" = {
      "enabled" = true
    },
  }

  tags = {}
}

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
.github		.github
docs		docs
examples/full-example		examples/full-example
modules/rules		modules/rules
test		test
.editorconfig		.editorconfig
.gitignore		.gitignore
.pre-commit-config.yaml		.pre-commit-config.yaml
.terraform-docs.yml		.terraform-docs.yml
.tflint.hcl		.tflint.hcl
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
main.tf		main.tf
outputs.tf		outputs.tf
variables.tf		variables.tf
versions.tf		versions.tf

License

geekcell/terraform-aws-config-rules

Folders and files

Latest commit

History

Repository files navigation

Code Quality

Terraform AWS Config Rules

Inputs

Outputs

Providers

Resources

Examples

Full

About

Topics

Resources

License

Stars

Watchers

Forks

Languages