ghndrx/terraform-foundation
1
0
Fork 0
mirror of https://github.com/ghndrx/terraform-foundation.git synced 2026-02-10 06:45:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
a4e07796b892cf21d45cd7e3494824340ef9d6f5
terraform-foundation/terraform/modules/account-baseline/outputs.tf
Greg Hendrickson 6136cde9bb feat: Terraform Foundation - AWS Landing Zone 
Enterprise-grade multi-tenant AWS cloud foundation.

Modules:
- GitHub OIDC for keyless CI/CD authentication
- IAM account settings and security baseline
- AWS Config Rules for compliance
- ABAC (Attribute-Based Access Control)
- SCPs (Service Control Policies)

Features:
- Multi-account architecture
- Cost optimization patterns
- Security best practices
- Comprehensive documentation

Tech: Terraform, AWS Organizations, IAM Identity Center
2026-02-02 02:57:23 +00:00

57 lines
1.6 KiB
HCL
Raw Blame History

################################################################################
# Account Baseline - Outputs
################################################################################
output "ebs_encryption_enabled" {
value = var.enable_ebs_encryption
description = "Whether EBS encryption is enabled"
}
output "s3_block_public_enabled" {
value = var.enable_s3_block_public
description = "Whether S3 public block is enabled"
}
output "access_analyzer_arn" {
value = try(aws_accessanalyzer_analyzer.this[0].arn, null)
description = "Access Analyzer ARN"
}
output "securityhub_enabled" {
value = var.enable_securityhub
description = "Whether Security Hub is enabled"
}
output "guardduty_detector_id" {
value = try(aws_guardduty_detector.this[0].id, null)
description = "GuardDuty detector ID"
}
output "config_recorder_id" {
value = try(aws_config_configuration_recorder.this[0].id, null)
description = "Config recorder ID"
}
output "admin_role_arn" {
value = try(aws_iam_role.admin[0].arn, null)
description = "Admin IAM role ARN"
}
output "readonly_role_arn" {
value = try(aws_iam_role.readonly[0].arn, null)
description = "Readonly IAM role ARN"
}
output "baseline_status" {
value = {
ebs_encryption = var.enable_ebs_encryption
s3_block_public = var.enable_s3_block_public
password_policy = var.enable_password_policy
access_analyzer = var.enable_access_analyzer
securityhub = var.enable_securityhub
guardduty = var.enable_guardduty
config = var.enable_config
}
description = "Summary of baseline status"
}
Reference in New Issue View Git Blame Copy Permalink