adding some extremely simple modules for iam-analyzer and securityhub w/ cis benchmarks
parent
d01fbaa216
commit
927589370f
@ -0,0 +1,4 @@
|
||||
resource "aws_accessanalyzer_analyzer" "example" {
|
||||
analyzer_name = var.name
|
||||
tags = var.tags
|
||||
}
|
@ -0,0 +1,9 @@
|
||||
variable "name" {
|
||||
default = "ctay-iam-analyzer"
|
||||
}
|
||||
|
||||
variable "tags" {
|
||||
default = {}
|
||||
type = map
|
||||
description = "Optional tag mapping to apply to the infrastructure"
|
||||
}
|
@ -0,0 +1,7 @@
|
||||
resource "aws_securityhub_account" "main" {}
|
||||
|
||||
resource "aws_securityhub_standards_subscription" "cis" {
|
||||
standards_arn = "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"
|
||||
|
||||
depends_on = [aws_securityhub_account.main]
|
||||
}
|
Loading…
Reference in New Issue