master
...
ctalarms-w
Author | SHA1 | Date |
---|---|---|
lza_menace | 02053501fc | 4 years ago |
@ -1,35 +0,0 @@
|
||||
# securityhub-notifications
|
||||
|
||||
This module sets up Cloudwatch Event rules which notify a given SNS topic to inform administrators of any SecurityHub findings.
|
||||
|
||||
https://aws.amazon.com/security-hub/
|
||||
|
||||
## Usage
|
||||
|
||||
```
|
||||
module "sns-email-topic" {
|
||||
source = "github.com/lalanza808/tf-modules.git/monitoring/sns-email-topic"
|
||||
}
|
||||
|
||||
module "securityhub-notification" {
|
||||
source = "github.com/lalanza808/tf-modules.git/monitoring/securityhub-notifications"
|
||||
sns_topic_arn = module.sns-email-topic.topic_arn
|
||||
}
|
||||
```
|
||||
|
||||
## Inputs
|
||||
|
||||
You must provide one input, which is the SNS Topic ARN you wish to publish messages to.
|
||||
|
||||
* `sns_topic_arn`
|
||||
|
||||
You can provide these optional inputs:
|
||||
|
||||
* `prefix`
|
||||
* `tags`
|
||||
|
||||
See all inputs here: [variables.tf](./variables.tf)
|
||||
|
||||
## Outputs
|
||||
|
||||
None
|
@ -1,25 +0,0 @@
|
||||
resource "aws_cloudwatch_event_rule" "health" {
|
||||
name = "${var.prefix}-aws-securityhub"
|
||||
description = "Capture AWS SecurityHub incidents and notify operations SNS"
|
||||
|
||||
event_pattern = <<PATTERN
|
||||
{
|
||||
"source": [
|
||||
"aws.securityhub"
|
||||
],
|
||||
"detail-type": [
|
||||
"Security Hub Findings - Imported"
|
||||
]
|
||||
}
|
||||
PATTERN
|
||||
|
||||
tags = {
|
||||
Terraform = "True"
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_cloudwatch_event_target" "sns" {
|
||||
rule = aws_cloudwatch_event_rule.health.name
|
||||
target_id = "${var.prefix}-aws-securityhub"
|
||||
arn = var.sns_topic_arn
|
||||
}
|
@ -1,12 +0,0 @@
|
||||
variable "sns_topic_arn" {
|
||||
description = "ARN of the SNS topic to recieve notifications"
|
||||
}
|
||||
variable "tags" {
|
||||
default = {}
|
||||
type = map
|
||||
description = "Optional set of tags to apply to the infrastructure"
|
||||
}
|
||||
variable "prefix" {
|
||||
default = "monitoring"
|
||||
description = "String to prefix to all resources"
|
||||
}
|
@ -1,4 +0,0 @@
|
||||
resource "aws_accessanalyzer_analyzer" "example" {
|
||||
analyzer_name = var.name
|
||||
tags = var.tags
|
||||
}
|
@ -1,9 +0,0 @@
|
||||
variable "name" {
|
||||
default = "ctay-iam-analyzer"
|
||||
}
|
||||
|
||||
variable "tags" {
|
||||
default = {}
|
||||
type = map
|
||||
description = "Optional tag mapping to apply to the infrastructure"
|
||||
}
|
@ -1,7 +0,0 @@
|
||||
resource "aws_securityhub_account" "main" {}
|
||||
|
||||
resource "aws_securityhub_standards_subscription" "cis" {
|
||||
standards_arn = "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"
|
||||
|
||||
depends_on = [aws_securityhub_account.main]
|
||||
}
|