Contact Us | Stratusphere FinOps | StratusGrid Home | Blog
GitHub: StratusGrid/terraform-aws-guard-duty-notifications
This module creates SNS topics for three tiers of GuardDuty findings, EventBridge rules and triggers to add findings to the SNS topics, and a KMS key and alias used to encrypt data sent to the SNS topics.
Currently, subscriptions to the topics are not managed in this module.
module "aws_guard_duty" {
source = "StratusGrid/terraform-aws-guard-duty/aws"
# version = "x.x.x" # StratusGrid recommends pinning the module version to the latest available
}- All resource names and name tags shall use
_and not-s - The old naming standard for common files such as inputs, outputs, providers, etc was to prefix them with a
-, this is no longer true as it's not POSIX compliant. Our pre-commit hooks will fail with this old standard. - StratusGrid generally follows the TerraForm standards outlined here
| Name | Version |
|---|---|
| terraform | >= 1.1 |
| aws | >= 4.9 |
| Name | Type |
|---|---|
| aws_cloudwatch_event_rule.critical | resource |
| aws_cloudwatch_event_rule.info | resource |
| aws_cloudwatch_event_rule.warning | resource |
| aws_cloudwatch_event_target.critical | resource |
| aws_cloudwatch_event_target.info | resource |
| aws_cloudwatch_event_target.warning | resource |
| aws_kms_alias.this | resource |
| aws_kms_key.this | resource |
| aws_sns_topic.guardduty_findings_critical | resource |
| aws_sns_topic.guardduty_findings_info | resource |
| aws_sns_topic.guardduty_findings_warning | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| enable_sns | Enable or disable GuardDuty findings notifications. | bool |
true |
no |
| input_tags | Map of tags to apply to resources | map(string) |
{} |
no |
Note, manual changes to the README will be overwritten when the documentation is updated. To update the documentation, run terraform-docs -c .config/.terraform-docs.yml