-
Notifications
You must be signed in to change notification settings - Fork 22
/
account_audit.tf
28 lines (23 loc) · 1.15 KB
/
account_audit.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
resource "aws_iam_account_password_policy" "audit" {
count = var.aws_account_password_policy != null ? 1 : 0
provider = aws.audit
allow_users_to_change_password = var.aws_account_password_policy.allow_users_to_change
max_password_age = var.aws_account_password_policy.max_age
minimum_password_length = var.aws_account_password_policy.minimum_length
password_reuse_prevention = var.aws_account_password_policy.reuse_prevention_history
require_lowercase_characters = var.aws_account_password_policy.require_lowercase_characters
require_numbers = var.aws_account_password_policy.require_numbers
require_symbols = var.aws_account_password_policy.require_symbols
require_uppercase_characters = var.aws_account_password_policy.require_uppercase_characters
}
resource "aws_ebs_encryption_by_default" "audit" {
provider = aws.audit
enabled = var.aws_ebs_encryption_by_default
}
resource "aws_s3_account_public_access_block" "audit" {
provider = aws.audit
block_public_acls = true
block_public_policy = true
ignore_public_acls = true
restrict_public_buckets = true
}