blackbird-cloud/terraform-aws-securityhub

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1 |
| aws | ~> 5 |

Providers

| Name | Version |
|------|---------|
| aws | 5.47.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_securityhub_action_target.default | resource |
| aws_securityhub_finding_aggregator.default | resource |
| aws_securityhub_member.default | resource |
| aws_securityhub_organization_configuration.default | resource |
| aws_securityhub_product_subscription.default | resource |
| aws_securityhub_standards_control.disabled_rules | resource |
| aws_securityhub_standards_subscription.best_practices_aws_foundations_benchmark | resource |
| aws_securityhub_standards_subscription.cis_1_2_aws_foundations_benchmark | resource |
| aws_securityhub_standards_subscription.cis_1_4_aws_foundations_benchmark | resource |
| aws_organizations_organizational_unit_descendant_accounts.default | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| action_targets | Map of action targets to configure. Configures AWS Security Hub to send selected insights and findings to Amazon EventBridge. | `map(object({ name = string, identifier = string, description = string }))` | `{}` | no |
| auto_enable | (Optional) Whether to automatically enable Security Hub for new accounts in the organization. Defaults to false. | `bool` | `true` | no |
| auto_enable_standards | (Optional) Whether to automatically enable Security Hub default standards for new member accounts in the organization. By default, this parameter is equal to DEFAULT, and new member accounts are automatically enabled with default Security Hub standards. To opt out of enabling default standards for new member accounts, set this parameter equal to NONE. | `string` | `"DEFAULT"` | no |
| disabled_rules | Map of rules to disable from the enabled standards. | `map(object({ standards_control_arn = string, disabled_reason = string }))` | `{}` | no |
| enable_best_practices | Whether to enable the AWS Foundational Security Best Practices standards subscription. | `bool` | `true` | no |
| enable_cis_1_2 | Whether to enable the CIS AWS Foundations Benchmark v1.2.0 standards subscription. If you want to disable this, leave it enabled on the first deploy, then disable it. | `bool` | `true` | no |
| enable_cis_1_4 | Whether to enable the CIS AWS Foundations Benchmark v1.4.0 standards subscription. | `bool` | `true` | no |
| enable_for_organizational_units | Map of Organizational Units to enable Security Hub for. | `map(string)` | `{}` | no |
| product_arns | (Optional) Map of product name : product ARN. The ARN of the product that generates findings that you want to import into Security Hub. | `map(string)` | `{}` | no |
| region | AWS Region used for picking up the ARNs for the Security Hub standards subscriptions. | `string` | n/a | yes |
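
A module call that exercises the inputs listed above, as an added example that is not taken from the module's repository. The Git source address is inferred from the repository name, the meaning of the `enable_for_organizational_units` values is an assumption, and the account ID, OU ID, map keys and reason text are constructed placeholders.

```hcl
# Added example, not from the module's repository. Account ID, OU ID, map keys
# and the disabled_reason text are constructed placeholders.
module "securityhub" {
  # Assumption: Git source derived from the repository name; pin a ref in real use.
  source = "github.com/blackbird-cloud/terraform-aws-securityhub"

  region = "eu-west-1" # required: used to pick up the standards subscription ARNs

  # Organization-wide behaviour for new member accounts.
  auto_enable           = true
  auto_enable_standards = "NONE" # opt out of default standards; module default is "DEFAULT"

  # Standards subscriptions. Per the inputs table, enable_cis_1_2 stays true on
  # the first deploy and is only set to false in a later apply.
  enable_best_practices = true
  enable_cis_1_2        = true
  enable_cis_1_4        = true

  # Assumption: map values are the IDs of the OUs whose accounts become members.
  enable_for_organizational_units = {
    workloads = "ou-abcd-11111111"
  }

  # Disable a single control and record why, so the exception stays auditable.
  disabled_rules = {
    cis_1_14 = {
      standards_control_arn = "arn:aws:securityhub:eu-west-1:111122223333:control/cis-aws-foundations-benchmark/v/1.2.0/1.14"
      disabled_reason       = "Constructed example: covered by a compensating control"
    }
  }

  # Custom action that sends selected findings to Amazon EventBridge.
  action_targets = {
    escalate = {
      name        = "Escalate to on-call"
      identifier  = "EscalateOnCall"
      description = "Send the selected findings to the incident pipeline"
    }
  }

  # Product integrations whose findings are imported into Security Hub.
  product_arns = {
    guardduty = "arn:aws:securityhub:eu-west-1::product/aws/guardduty"
  }
}
```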

Outputs

| Name | Description |
|------|-------------|
| action_targets | n/a |
| disabled_rules | n/a |
| product_subscriptions | n/a |

About

We are Blackbird Cloud, an Amsterdam-based cloud consultancy and cloud management service provider. We help companies build secure, cost-efficient, and scalable solutions.

Check out our other 👉 terraform modules

Copyright

Copyright © 2017-2023 Blackbird Cloud