Skip to content

Latest commit

 

History

History
 
 

securityhub-baseline

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
main.tf
main.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

README.md

securityhub-baseline

Features

  • Enable SecurityHub.
  • Subscribe CIS benchmark standard.
  • Subscribe PCI DSS standard.
  • Subscribe AWS Foundational security best practices standard.

Requirements

Name Version
terraform >= 0.13
aws >= 3.50.0

Providers

Name Version
aws 3.60.0

Modules

No modules.

Resources

Name Type
aws_securityhub_account.main resource
aws_securityhub_member.members resource
aws_securityhub_product_subscription.products resource
aws_securityhub_standards_subscription.aws_foundational resource
aws_securityhub_standards_subscription.cis resource
aws_securityhub_standards_subscription.pci_dss resource
aws_region.current data source

Inputs

Name Description Type Default Required
enable_aws_foundational_standard Boolean whether AWS Foundations standard is enabled. bool true no
enable_cis_standard Boolean whether CIS standard is enabled. bool true no
enable_pci_dss_standard Boolean whether PCI DSS standard is enabled. bool true no
enable_product_arns List of Security Hub product ARNs, <REGION> will be replaced. See https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html for list. list(string) [] no
enabled The boolean flag whether this module is enabled or not. No resources are created when set to false. bool true no
member_accounts A list of IDs and emails of AWS accounts which associated as member accounts. 
list(object({
    account_id = string
    email      = string
  }))
 [] no

Outputs

No outputs.