Enables AWS GuardDuty and configures any findings to be sent to an SNS topic.
Creates the resources listed in the Resources table below; findings are forwarded as messages of the form `GuardDuty finding: <title>`.
Optionally, it can also create the GuardDuty detector.
```hcl
module "guardduty-notifications" {
  source  = "trussworks/guardduty-notifications/aws"
  version = "5.0.0"

  sns_topic_slack_arn     = aws_sns_topic.slack.arn
  sns_topic_pagerduty_arn = aws_sns_topic.pagerduty.arn
}
```
The `sns_topic_slack` and `sns_topic_pagerduty` variables have been renamed to `sns_topic_slack_arn` and `sns_topic_pagerduty_arn`; they now take the topic ARN (a string) rather than `aws_sns_topic` objects. We … `notify-slack` …
Version 3 makes a number of changes to the module that will break if it is updated in place. Specifically:

- The GuardDuty detector is now an optional part of the module and defaults to off. If you are leaving the GuardDuty detector in this module, you will need to add `create_detector = true` as a parameter and do a `terraform state mv` of the detector like so (the destination address is quoted so the `[0]` is not expanded by the shell):

```sh
terraform state mv module.module_name.aws_guardduty_detector.main 'module.module_name.aws_guardduty_detector.main[0]'
```

- The `sns_topic_name_slack` and `sns_topic_name_pagerduty` variables have been renamed `sns_topic_slack` and `sns_topic_pagerduty` because they are not actually names, but the actual SNS topic objects.
| Name | Version |
|---|---|
| terraform | >= 1.0 |
| aws | >= 3.0 |

| Name | Version |
|---|---|
| aws | >= 3.0 |
No modules.
| Name | Type |
|---|---|
| aws_cloudwatch_event_rule.main | resource |
| aws_cloudwatch_event_target.pagerduty | resource |
| aws_cloudwatch_event_target.slack | resource |
| aws_guardduty_detector.main | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| create_detector | Create GuardDuty detector | bool | false | no |
| pagerduty_notifications | Enable PagerDuty notifications for GuardDuty findings | bool | true | no |
| slack_notifications | Enable Slack notifications for GuardDuty findings | bool | true | no |
| sns_topic_pagerduty_arn | PagerDuty SNS Topic ARN | string | "" | no |
| sns_topic_slack_arn | Slack SNS Topic ARN | string | "" | no |
No outputs.
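The following root configuration is an added example, not code from the module or its README. It wires the two SNS topics to the module with `create_detector = true`, and adds the one piece the Resources table shows the module does not create: an SNS topic policy allowing the `events.amazonaws.com` service principal to publish, which the module's EventBridge targets need in order to deliver findings. The topic names and the `aws_iam_policy_document` / `aws_sns_topic_policy` resources are assumptions of the example, not part of the module.

```hcl
# Added example root configuration; not code from the module or its README.
# Assumption drawn from the Resources table above: the module creates the
# EventBridge rule and targets but no SNS topic or topic policy, so the caller
# must let the events.amazonaws.com service principal publish to each topic.

locals {
  topics = {
    slack     = aws_sns_topic.slack.arn
    pagerduty = aws_sns_topic.pagerduty.arn
  }
}

resource "aws_sns_topic" "slack" {
  name = "guardduty-slack"
}

resource "aws_sns_topic" "pagerduty" {
  name = "guardduty-pagerduty"
}

# Without this policy the rule's targets cannot publish; the only symptom is
# the rule's FailedInvocations metric rising while no notification arrives.
data "aws_iam_policy_document" "events_publish" {
  for_each = local.topics
  statement {
    sid       = "AllowEventBridgePublish"
    actions   = ["sns:Publish"]
    resources = [each.value]
    principals {
      type        = "Service"
      identifiers = ["events.amazonaws.com"]
    }
  }
}

resource "aws_sns_topic_policy" "events_publish" {
  for_each = local.topics
  arn      = each.value
  policy   = data.aws_iam_policy_document.events_publish[each.key].json
}

module "guardduty-notifications" {
  source  = "trussworks/guardduty-notifications/aws"
  version = "5.0.0"

  create_detector         = true # no detector exists yet in this account/region
  sns_topic_slack_arn     = aws_sns_topic.slack.arn
  sns_topic_pagerduty_arn = aws_sns_topic.pagerduty.arn
}
```

Leave `create_detector` at its default of `false` when the account already has a detector in this region, since GuardDuty allows only one per region.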
Install dependencies (macOS):

```sh
brew install pre-commit go terraform terraform-docs
pre-commit install --install-hooks
```