rhythmictech/terraform-aws-rhythmic-account-monitor

terraform-aws-rhythmic-account-monitor

Configures AWS health and account related notifications

Example

Here's what using the module looks like:

module "example" {
  source = "rhythmictech/rhythmic-account-monitor/aws"
  datadog_api_key_secret_arn = ""
}

About

Rhythmic is an AWS Managed Services Provider. We rely heavily on automation to deliver our services, ingesting configuration, event and state information from AWS via listeners (e.g., EventBridge and SNS), services (e.g., Anomaly Detection), and APIs via custom scripts (e.g., Trusted Advisor).

We open source the vast majority of the resources we use to deliver our managed services because transparency is one of our principles.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.5 |
| aws | >= 4.62 |

Providers

| Name | Version |
|------|---------|
| aws | 5.36.0 |

Modules

| Name | Source | Version |
|------|--------|---------|
| tags | rhythmictech/tags/terraform | ~> 1.1.1 |

Resources

| Name | Type |
|------|------|
| aws_accessanalyzer_analyzer.analyzer | resource |
| aws_accessanalyzer_analyzer.analyzer_unused | resource |
| aws_cloudwatch_event_rule.analyzer | resource |
| aws_cloudwatch_event_rule.backup | resource |
| aws_cloudwatch_event_rule.backup_event | resource |
| aws_cloudwatch_event_rule.backup_vaultlock | resource |
| aws_cloudwatch_event_rule.glacier_vaultlock | resource |
| aws_cloudwatch_event_target.analyzer | resource |
| aws_cloudwatch_event_target.backup | resource |
| aws_cloudwatch_event_target.backup_event | resource |
| aws_cloudwatch_event_target.backup_vaultlock | resource |
| aws_cloudwatch_event_target.glacier_vaultlock | resource |
| aws_sns_topic.account_alerts | resource |
| aws_sns_topic_policy.account_alerts | resource |
| aws_sns_topic_subscription.account_alerts | resource |
| aws_iam_policy_document.account_alerts | data source |
| aws_secretsmanager_secret.datadog_api_key | data source |
| aws_secretsmanager_secret_version.datadog_api_key | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| datadog_api_key_secret_arn | ARN of the AWS Secret containing the Datadog API key | string | n/a | yes |
| enable_iam_access_analyzer | A boolean flag to enable/disable IAM Access Analyzer | bool | false | no |
| iam_analyzer_unused_access_age | The age in days after which IAM access is considered unused. | number | 90 | no |
| tags | User-Defined tags | map(string) | {} | no |
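
A fuller invocation that sets every input listed above, as an added example that is not taken from the module's repository. The secret name `datadog/api-key`, the module label, the 60-day threshold, and the tag values are assumptions chosen for illustration.

```hcl
# Added example, not from the module's repository.
# Look up the existing secret so its ARN is never hard-coded in the configuration.
data "aws_secretsmanager_secret" "datadog_api_key" {
  name = "datadog/api-key" # hypothetical secret name
}

module "account_monitor" {
  source = "rhythmictech/rhythmic-account-monitor/aws"
  # Pin a released version in real use; this page does not list one.
  # version = "<released version>"

  # Required: ARN of the secret that holds the Datadog API key.
  datadog_api_key_secret_arn = data.aws_secretsmanager_secret.datadog_api_key.arn

  # Optional: IAM Access Analyzer is off by default (false).
  enable_iam_access_analyzer = true

  # Optional: days after which IAM access is considered unused (default 90).
  # 60 is a constructed value, tighter than the default.
  iam_analyzer_unused_access_age = 60

  tags = {
    owner = "security" # constructed tag value
  }
}
```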

Outputs

No outputs.

Getting Started

This workflow has a few prerequisites, which are installed through the ./bin/install-x.sh scripts and are linked below. The install script will also work on your local machine.

We use tfenv to manage Terraform versions, so the version is defined in versions.tf and tfenv installs the latest compliant version. pre-commit is like a package manager for scripts that integrate with git hooks; we use them to run the rest of the tools before apply. terraform-docs creates the beautiful docs (above), tfsec scans for security no-nos, and tflint scans for best practices.