ghndrx/terraform-foundation
1
0
Fork 0
mirror of https://github.com/ghndrx/terraform-foundation.git synced 2026-02-10 06:45:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6136cde9bbc81aa494013e7bee651dceff16686a
terraform-foundation/terraform/modules/config-rules/README.md
Greg Hendrickson 6136cde9bb feat: Terraform Foundation - AWS Landing Zone 
Enterprise-grade multi-tenant AWS cloud foundation.

Modules:
- GitHub OIDC for keyless CI/CD authentication
- IAM account settings and security baseline
- AWS Config Rules for compliance
- ABAC (Attribute-Based Access Control)
- SCPs (Service Control Policies)

Features:
- Multi-account architecture
- Cost optimization patterns
- Security best practices
- Comprehensive documentation

Tech: Terraform, AWS Organizations, IAM Identity Center
2026-02-02 02:57:23 +00:00

52 lines
1.4 KiB
Markdown
Raw Blame History

# config-rules
AWS Config Rules Module
## Usage
```hcl
module "config_rules" {
source = "../modules/config-rules"
# Required variables
# Optional: see variables.tf for all options
}
```
## Requirements
| Name | Version |
|------|---------|
| terraform | >= 1.5.0 |
| aws | >= 5.0 |
## Inputs
| Name | Description | Type | Required |
|------|-------------|------|----------|
| enable_aws_config | Enable AWS Config (required for rules) | `bool` | no |
| config_bucket | S3 bucket for Config snapshots (created if empty) | `string` | no |
| config_sns_topic_arn | SNS topic for Config notifications | `string` | no |
| delivery_frequency | Config snapshot delivery frequency | `string` | no |
| enable_cis_benchmark | Enable CIS AWS Foundations Benchmark rules | `bool` | no |
| enable_security_best_practices | Enable AWS Security Best Practices rules | `bool` | no |
| enable_pci_dss | Enable PCI DSS compliance rules | `bool` | no |
| enable_hipaa | Enable HIPAA compliance rules | `bool` | no |
| rules | | `object({` | no |
| auto_remediation | Enable auto-remediation for supported rules | `bool` | no |
| tags | | `map(string)` | no |
## Outputs
| Name | Description |
|------|-------------|
| config_recorder_id | Config recorder ID |
| config_bucket | S3 bucket for Config snapshots |
| enabled_rules | |
| compliance_packs | |
## License
Apache 2.0 - See LICENSE for details.
Reference in New Issue View Git Blame Copy Permalink