Skip to content

oozou/terraform-aws-guardduty

BranchesTags

Repository files navigation

Terraform AWS GuardDuty Module

Usage

See usage at examples/simple

Requirements

Name Version
terraform >= 1.0.0
aws >= 4.00

Providers

Name Version
aws >= 4.00

Modules

Name Source Version
eventbridge_mail oozou/eventbridge/aws 1.0.1
sns_email oozou/sns/aws 1.0.1

Resources

Name Type
aws_guardduty_detector.guardduty resource
aws_iam_policy_document.cwe data source

Inputs

Name Description Type Default Required
environment Environment Variable used as a prefix string n/a yes
name Name of the ECS cluster and s3 also redis to create string n/a yes
prefix The prefix name of customer to be displayed in AWS console and resource string n/a yes
custom_tags Custom tags which can be passed on to the AWS resources. They should be key value pairs having distinct keys map(any) {} no
finding_publishing_frequency Specifies the frequency of notifications sent for subsequent finding occurrences.
If the detector is a GuardDuty member account, the value is determined by the GuardDuty
primary account and cannot be modified, otherwise defaults to SIX_HOURS. For standalone
and GuardDuty primary accounts, it must be configured in Terraform to enable drift detection.
Valid values for standalone and primary accounts: FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS.
See AWS Documentation for more information., see:
https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency		 string null no
is_enabled_notification n/a 
object({
    email_notify = object({
      enable                                = bool
      mail_list                             = list(string)
      is_enabled_low_severity_notification  = bool
      is_enabled_med_severity_notification  = bool
      is_enabled_high_severity_notification = bool
    })
  })
 
{
  "email_notify": {
    "enable": false,
    "is_enabled_high_severity_notification": true,
    "is_enabled_low_severity_notification": false,
    "is_enabled_med_severity_notification": false,
    "mail_list": []
  }
}
 no
is_kubernetes_protection_enabled n/a bool true no
is_malware_protection_enabled n/a bool false no
is_s3_protection_enabled Enables Amazon GuardDuty to monitor object-level API operations to identify potential security risks for data within your S3 buckets.
, see:
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_detector		 bool false no
retry_policy n/a 
object({
    maximum_retry_attempts       = number
    maximum_event_age_in_seconds = number
  })
 
{
  "maximum_event_age_in_seconds": 3600,
  "maximum_retry_attempts": 100
}
 no

Outputs

Name Description
guardduty_detector GuardDuty detector

About

Terraform Component for AWS GuardDuty

Topics

aws terraform terraform-module guardduty aws-guardduty terraform-public-module terraform-aws-guardduty

Resources

Readme

License

Apache-2.0 license

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

7 watching

Forks

1 fork
Report repository

Releases 1

v1.0.0 Latest
Sep 20, 2022

Packages

No packages published

Languages