maskopy
DNXLabs/maskopy/aws
Maskopy solution is to Copy and Obfuscate Production Data to Target Environments in AWS. It uses AWS Serverless services, Step functions, Lambda and Fargate.
Install
README
terraform-aws-maskopy   Overview: Maskopy solution is to Copy and Obfuscate Production Data to Target Environments in AWS. It uses AWS Serverless services, Step functions, Lambda and Fargate. Features: Simplified Copy and Obfuscation Maskopy copies and provides ability to run obfuscation on production data across AWS accounts. Any sensitive information in the production data is obfuscated in a transient instance. The final obfuscated snapshot is shared in the user-specified environments. Self-Service and End-To-End Automation Maskopy is a self-serviced solution that allows users to get production data without involving multiple teams. It is
Inputs (22)
| Name | Type | Description | Default |
|---|---|---|---|
| staging_vpc_id | string | VPC id for the staging account. | |
| rds_staging_subnet_group_name | string | Staging RDS option group name to deploy the transient database. | |
| obfuscation_scripts_bucket_name | string | Bucket to store the obfuscations scripts, they should be uploaded inside `/obfus | |
| staging_subnet_ids | list(string) | Subnets inside the staging VPC to deploy the lambdas and ECS tasks. | |
| staging_rds_default_kms_key_id | string | KMS key that maskopy will use for the transient RDS. | |
| lambda_role_name | string | Lambda role name. | "LAMBDA_MASKOPY" |
| replicate_destination_bucket_name | string | Name of the bucket to send dumps data from source bucket. | "" |
| sqs_queue_name | string | SNS queue name to send messages when step functions complete running. | "maskopy_sqs_queue" |
| step_function_state_machine_name | string | Name for the step functions state machine. | "maskopy-state-machine" |
| custom_source_kms_key | string | Custom KMS key, used when variable `custom_source_kms_key_enabled` equals to tru | "" |
| create_obfuscation_scripts_bucket | bool | Create bucket to store obfuscation scripts. | true |
| lambdas_names | list(string) | [
"00-AuthorizeUser",
"01-UseExistin | |
| cost_center | string | All the temporary resources are tagged with the code. | "MaskopyCost" |
| ecs_docker_image | string | Docker image that ECS task will run with and will download the scripts from S3 o | "dnxsolutions/obfuscation" |
| replicate_obfuscation_bucket | bool | Replicate data inside the bucket to another acount. | true |
| replicate_obfuscation_bucket_prefix | string | Name of prefix to replicate inside the bucket to another acount. | "dumps" |
| application_name | string | The name for the maskopy application, this name should match part of the string | "MASKOPY" |
| enabled | bool | If true, will deploy the maskopy solution. | true |
| ecs_fargate_role_name | string | ECS role name. | "ECS_MASKOPY" |
| replicate_destination_account_id | string | Name of the bucket to send dumps data from source bucket. | "" |
| build_lambda_layer | bool | If true will build the lambda layer. Set to true only with local source module. | false |
| custom_source_kms_key_enabled | bool | Only used when encrypt RDS in source account with another KMS key. Remember to a | false |
Resources (13)
Details
Similar packages
Azure landing zones Terraform module
Terraform supermodule for the Terraform platform engineering for Azure
Terraform module to deploy landing zone subscriptions (and much more) in Azure
Terraform Module to define a consistent naming convention by (namespace, stage,