Giter Site home page Giter Site logo

dod-iac / terraform-aws-guardduty Goto Github PK

View Code? Open in Web Editor NEW
2.0 5.0 2.0 16 KB

Creates an AWS GuardDuty Detector

Home Page: https://registry.terraform.io/modules/dod-iac/guardduty/aws

License: MIT License

HCL 90.29% Shell 9.71%
terraform aws guardduty

terraform-aws-guardduty's Introduction

Usage

Creates an AWS GuardDuty Detector, KMS Key for encrypting exports to S3, and CloudWatch rule to watch for findings.

module "guardduty" {
  source = "dod-iac/guardduty/aws"

  tags = {
    Application = var.application
    Environment = var.environment
    Automation  = "Terraform"
  }
}

You can customize the finding publishing frequency.

module "guardduty" {
  source = "dod-iac/guardduty/aws"

  enable = true
  finding_publishing_frequency = "SIX_HOURS"
  tags = {
    Application = var.application
    Environment = var.environment
    Automation  = "Terraform"
  }
}

You can exports GuardDuty findings to a S3 bucket using the s3_bucket_name variable.

module "guardduty" {
  source = "dod-iac/guardduty/aws"

  enable = true
  s3_bucket_name = module.logs.aws_logs_bucket
  tags = {
    Application = var.application
    Environment = var.environment
    Automation  = "Terraform"
  }
}

Terraform Version

Terraform 0.12. Pin module version to ~> 1.0.0 . Submit pull-requests to master branch.

Terraform 0.11 is not supported.

License

This project constitutes a work of the United States Government and is not subject to domestic copyright protection under 17 USC § 105. However, because the project utilizes code licensed from contributors and other third parties, it therefore is licensed under the MIT License. See LICENSE file for more information.

Requirements

Name Version
terraform >= 0.13
aws ~> 3.0

Providers

Name Version
aws ~> 3.0

Modules

No Modules.

Resources

Name
aws_caller_identity
aws_cloudwatch_event_rule
aws_guardduty_detector
aws_guardduty_publishing_destination
aws_iam_policy_document
aws_kms_alias
aws_kms_key
aws_partition
aws_s3_bucket
aws_s3_bucket_object

Inputs

Name Description Type Default Required
enable Enable monitoring and feedback reporting. Setting to false is equivalent to "suspending" GuardDuty. bool true no
finding_publishing_frequency Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to SIX_HOURS. For standalone and GuardDuty master accounts, it must be configured in Terraform to enable drift detection. Valid values for standalone and master accounts: FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS. string "FIFTEEN_MINUTES" no
kms_alias_name The display name of the alias of the KMS key used to encrypt exports to S3. The name must start with the word "alias" followed by a forward slash (alias/). string "alias/guardduty" no
kms_key_tags Tags to apply to the AWS KMS Key used to encrypt exports to S3. map(string) {} no
s3_bucket_name The name of the S3 bucket that receives findings from GuardDuty. If blank, then GuardDuty does not export findings to S3. string "" no
s3_bucket_prefix The prefix for where findings from GuardDuty are stored in the S3 bucket. Should start with "/" if defined. GuardDuty will build the full destination ARN using this format: <s3_bucket_arn><s3_bucket_prefix>/AWSLogs/<account_id>/GuardDuty/. string "/guardduty" no

Outputs

Name Description
aws_cloudwatch_event_rule_name Name of the CloudWatch rule that watches for AWS GuardDuty findings.
aws_guardduty_detector_id The ID of the GuardDuty detector.

terraform-aws-guardduty's People

Contributors

chrisgilmerproj avatar pjdufour-dds avatar

Stargazers

avatar avatar

Watchers

avatar avatar avatar avatar avatar

Forkers

rsivilli ryanoatz99

terraform-aws-guardduty's Issues

Deprecated components

The module is throwing deprecation errors with newer versions of the AWS provider:

Warning: Argument is deprecated
with .../module.guardduty.aws_s3_bucket_object.guardduty
on .terraform/modules/guardduty/main.tf line 132, in resource "aws_s3_bucket_object" "guardduty":

  bucket = data.aws_s3_bucket.main.0.id

Use the aws_s3_object resource instead

and

Warning: Argument is deprecated
with .../module.guardduty.aws_s3_bucket_object.guardduty
on .terraform/modules/guardduty/main.tf line 134, in resource "aws_s3_bucket_object" "guardduty":

  key = var.s3_bucket_prefix == "/" ? "/" : format("%s/", (
    substr(var.s3_bucket_prefix, 0, 1) == "/" ?
    substr(var.s3_bucket_prefix, 1, length(var.s3_bucket_prefix)) :
    var.s3_bucket_prefix
  ))

Use the aws_s3_object resource instead

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.