This module handles creation of AWS Config resources.
module "aws_config" {
source = "git::https://github.com/avlcloudtechnologies/terraform-aws-config.git?ref=v0.1.0
enable_aws_config = false
name = "my_prefix"
aws_config_bucket_name = "my_aws_config_s3_bucket"
}| Name | Version |
|---|---|
| aws | ~> 4.0 |
| Name | Version |
|---|---|
| aws | ~> 4.0 |
No modules.
| Name | Type |
|---|---|
| aws_config_configuration_recorder.this | resource |
| aws_config_configuration_recorder_status.this | resource |
| aws_config_delivery_channel.this | resource |
| aws_iam_policy.config_role_policy | resource |
| aws_iam_role.aws_config | resource |
| aws_iam_role_policy_attachment.config_role_policy | resource |
| aws_iam_role_policy_attachment.managed_policy | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.config_assume_role_policy | data source |
| aws_iam_policy_document.config_role_policy | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws_config_bucket_name | The name of the S3 bucket used to store the configuration history. | string |
n/a | yes |
| aws_config_delivery_frequency | The frequency with which AWS Config recurringly delivers configuration snapshotsE.g., One_Hour or Three_Hours.Valid values are listed here: https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html#API_ConfigSnapshotDeliveryProperties_Contents. | string |
"Six_Hours" |
no |
| aws_config_s3_key_prefix | The prefix for the specified S3 bucket. | string |
null |
no |
| aws_config_s3_kms_key_arn | The ARN of the AWS KMS key used to encrypt objects delivered by AWS Config. Must belong to the same Region as the destination S3 bucket. | string |
null |
no |
| aws_config_sns_topic_arn | The ARN of the SNS topic that AWS Config delivers notifications to. | string |
null |
no |
| enable_aws_config | Enables AWS Config | bool |
true |
no |
| iam_role_tags | IAM role tags | map(string) |
{} |
no |
| include_global_resource_types | Specifies whether AWS Config includes all supported types of global resources with the resources that it records. | bool |
true |
no |
| name | Prefix to be used with resources | string |
n/a | yes |
| resource_types | A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, AWS::EC2::Instance or AWS::CloudTrail::Trail). | list(string) |
null |
no |
| Name | Description |
|---|---|
| aws_config_role_arn | The ARN of the AWS config role. |
| aws_config_role_name | The name of the IAM role used by AWS config |