Table of Contents generated with DocToc
This collection of reusable Terraform Modules aims to help with the following recurring topics:
- AWS Secure Baselining:
- CloudTrail
- IAM
- Config
- Security Hub
- Secure S3 Buckets (encrypted, versioned, optional access logging)
- EBS Volume Encryption enabled by default
- IAM User Self Service Policy
- iam-access-analyzer
- iam-password-policy
- secure-s3-bucket
- ebs-default-encryption
- cloudtrail
- iam-userselfservice
- security-hub
Terraform Version 0.13 or newer is required.
Since there is no root module, check the included submodules.
Hint: Omit the version attribute to use the most recent master
branch.
In general, to just get started, create a Terraform file (e.g.: security-example.tf
) with the following content:
module "security" {
source = "centriascolocation/security/aws"
version = "~> 1.4"
}
Example of using one module:
module "security_iam-access-analyzer" {
source = "centriascolocation/security/aws//modules/iam-access-analyzer"
version = "~> 1.4"
}
The Examples folder contains some basic configurations.
It is recommended to use pre-commit and its friends.
For the first time, setup pre-commit hooks like so:
pre-commit install
Put new modules under the subdirectory modules/
.
You'll also need:
- terraform-docs
- tflint
- tfsec
- Michael Krieg michael@centrias.de
- Volker Bohne bohne@centrias.de
- Christian Weirich christian@centrias.de
- Dirk Piethan dirk@centrias.de
- Jonas Ueberschaer jonas@centrias.de
Apache 2 Licensed. See LICENSE for full details.