Terraform module for AWS tenant
| Name | Version |
|---|---|
| terraform | >= 1.0 |
| aws | >= 3.0 |
| streamsec | >= 1.7 |
| time | >= 0.11 |
| Name | Version |
|---|---|
| aws | >= 3.0 |
| streamsec | >= 1.7 |
| time | >= 0.11 |
No any additional modules are required.
| Name | Type |
|---|---|
| aws_cloudtrail.streamsec_cloudtrail | resource |
| aws_iam_policy.streamsec_policy | resource |
| aws_iam_role.this | resource |
| aws_iam_role_policy_attachment.streamsec_policy_attachment | resource |
| aws_s3_bucket.streamsec_cloudtrail_bucket | resource |
| aws_s3_bucket_policy.s3_cloudtrail_policy_attachment | resource |
| streamsec_aws_account.this | resource |
| streamsec_aws_account_ack.this | resource |
| time_sleep.wait | resource |
| aws_caller_identity.current | data source |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws_account_display_name | The display name for the AWS account to be protected by Stream.Security. | string |
n/a | yes |
| aws_account_regions | The AWS regions for the AWS account to be protected by Stream.Security. | list(string) |
n/a | yes |
| cloudtrail_bucket_force_destroy | A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error | bool |
true |
no |
| cloudtrail_bucket_name | The name of the S3 bucket to store CloudTrail logs in | string |
"streamsec-cloudtrail" |
no |
| cloudtrail_bucket_tags | tags for cloudtrail bucket | map(string) |
{} |
no |
| cloudtrail_bucket_use_name_prefix | Determines whether the CloudTrail bucket name (cloudtrail_bucket_name) is used as a prefix |
bool |
true |
no |
| cloudtrail_name | Name of the CloudTrail to create | string |
"streamsec-real-time-cloudtrail" |
no |
| cloudtrail_tags | tags for cloudtrail | map(string) |
{} |
no |
| create_cloudtrail | Whether to create a CloudTrail for the AWS account | bool |
false |
no |
| iam_policy_description | Description to use on IAM policy created | string |
"Stream Security IAM Policy" |
no |
| iam_policy_name | Name to use on IAM policy created | string |
"streamsec-policy" |
no |
| iam_policy_path | IAM policy path | string |
null |
no |
| iam_policy_tags | A map of additional tags to add to the IAM policy created | map(string) |
{} |
no |
| iam_policy_use_name_prefix | Determines whether the IAM policy name (iam_policy_name) is used as a prefix |
bool |
true |
no |
| iam_role_description | Description to use on IAM role created | string |
"Stream Security IAM Role" |
no |
| iam_role_name | Name to use on IAM role created | string |
"streamsec-role" |
no |
| iam_role_path | Cluster IAM role path | string |
null |
no |
| iam_role_tags | A map of additional tags to add to the IAM role created | map(string) |
{} |
no |
| iam_role_use_name_prefix | Determines whether the IAM role name (iam_role_name) is used as a prefix |
bool |
true |
no |
| streamsec_account | The AWS Account ID for the Stream.Security account. | string |
"624907860825" |
no |
| tags | A map of global tags to add to all created resources | map(string) |
{} |
no |
No outputs.