forked from schubergphilis/terraform-aws-mcaf-landing-zone
-
Notifications
You must be signed in to change notification settings - Fork 0
/
audit_manager.tf
37 lines (30 loc) · 924 Bytes
/
audit_manager.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
resource "aws_auditmanager_account_registration" "default" {
count = var.aws_auditmanager.enabled == true ? 1 : 0
delegated_admin_account = data.aws_caller_identity.audit.account_id
deregister_on_destroy = true
kms_key = module.kms_key_audit.arn
}
module "audit_manager_reports" {
count = var.aws_auditmanager.enabled == true ? 1 : 0
providers = { aws = aws.audit }
source = "schubergphilis/mcaf-s3/aws"
version = "0.12.1"
name_prefix = var.aws_auditmanager.reports_bucket_prefix
versioning = true
lifecycle_rule = [
{
id = "retention"
enabled = true
abort_incomplete_multipart_upload = {
days_after_initiation = 7
}
noncurrent_version_expiration = {
noncurrent_days = 90
}
noncurrent_version_transition = {
noncurrent_days = 30
storage_class = "ONEZONE_IA"
}
}
]
}