Terraform module to enable and configure SecurityHub. The module supports independent
accounts with the top-level module, and the cross-account invite/accept workflow with
the modules/cross-account-member module.
You can find example implementations of this module in the tests folder. This module
requires 2 different AWS accounts to test and so the terraform aws provider definitions
are assuming that you will be using a profile with the name resource-owner and resource-member.
Note: the implementation tests/create_securityhub_member will require you to provide the variables
email_address prior to use
| Name | Version |
|---|---|
| terraform | >= 0.13 |
| aws | >= 3.29.0 |
No providers.
No resources.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| action_targets | Schema list of SecurityHub action targets. | list(object({ |
[] |
no |
| product_subscription_arns | List of product arns to subscribe to. See https://www.terraform.io/docs/providers/aws/r/securityhub_product_subscription.html | list(string) |
[] |
no |
| standard_subscription_arns | List of standard arns to subscribe to. See https://www.terraform.io/docs/providers/aws/r/securityhub_standards_subscription.html | list(string) |
[] |
no |
| Name | Description |
|---|---|
| account | Object containing the SecurityHub account resource |
| action_targets | Object containing the SecurityHub action targets resources |
| subscriptions | Object containing the SecurityHub subscriptions resources |