guardduty

dod-iac/guardduty/aws

Terraform Module HCL AWS

Creates an AWS GuardDuty Detector

Install

module "guardduty" {

source = "dod-iac/guardduty/aws"

version = "1.1.0"

}

plain text: /constructs/tfmod-dod-iac-guardduty-aws/install.txt

⭐ Source on GitHub 📦 Registry page

README

Usage Creates an AWS GuardDuty Detector, KMS Key for encrypting exports to S3, and CloudWatch rule to watch for findings. ``hcl module "guardduty" { source = "dod-iac/guardduty/aws" tags = { Application = var.application Environment = var.environment Automation = "Terraform" } } ` You can customize the finding publishing frequency. `hcl module "guardduty" { source = "dod-iac/guardduty/aws" enable = true finding_publishing_frequency = "SIX_HOURS" tags = { Application = var.application Environment = var.environment Automation = "Terraform" } } ` You can exports GuardDuty findings to a S3 bucket using the s3\_bucket\_name variable. `hcl module "guardduty" { source = "dod-iac/guardduty/aws" enable = true s3_bucket_name = module.logs.aws_logs_bucket tags = { Application = var.application Enviro

Inputs (6)

Name	Type	Description	Default
kms_alias_name	string	The display name of the alias of the KMS key used to encrypt exports to S3. The	`"alias/guardduty"`
kms_key_tags	map(string)	Tags to apply to the AWS KMS Key used to encrypt exports to S3.	`{}`
s3_bucket_name	string	The name of the S3 bucket that receives findings from GuardDuty. If blank, then	`""`
s3_bucket_prefix	string	The prefix for where findings from GuardDuty are stored in the S3 bucket. Shoul	`"/guardduty"`
enable	bool	Enable monitoring and feedback reporting. Setting to false is equivalent to "su	`true`
finding_publishing_frequency	string	Specifies the frequency of notifications sent for subsequent finding occurrences	`"FIFTEEN_MINUTES"`