High level CDKTF construct to provision secure configurations with AWS
Project description
Terraform CDK - AWS Secure constructs
The Level 2 construct can be used to set up your AWS account with the reasonably secure configuration baseline. Internally it uses the Terraform CDK and the AWS Provider.
Features
- Account password policies
- Cloudtrail
- Guardduty
- EBS encrypt default
- VPC flow log
- Security Hub
- Enable Config rules above
Install
Just the constructs
npm install cdktf-aws-secure
Examples
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from constructs import Construct
from cdktf import Resource
from cdktf_aws_secure import secure
class AwsSecure(Resource):
def __init__(self, scope, name):
super().__init__(scope, name)
policy = secure.EnableAccountPasswordPolicy(self, "DefaultAccountPwdPolicy")
policy.add_config_rule()# and also add Config rule.
# enable guardduty
secure.EnableGuardduty(self, "EnableGuardduty")
# enable cloudtrail
secure.EnableCloudTrail(self, "EnableCloudTrail")
# enable ebs encrypt default
secure.EnableEbsEncryption(self, "EnableEbsEncryption")secure.EnableGuardduty(self, "EnableGuardduty")
# enable vpc flow log
secure.EnableVpcFlowLog(self, "EnableVpcFlowLog",
vpc_id="vpc-0123456789"
)
# enable security hub
secure.EnableSecurityHub(self, "EnableSecurityHub")
Docs
See API Docs
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
cdktf-aws-secure-2.0.1.tar.gz
(113.8 kB
view hashes)
Built Distribution
Close
Hashes for cdktf_aws_secure-2.0.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 1be42ea9a56820465ce4a3c67bfe20919219862061319167cb515a50611c721c |
|
MD5 | 3b0c902c4a72d49b3163604f42f9ce81 |
|
BLAKE2b-256 | 0fc754b062fa2d971163dbd91d2aceca3ef8db4890b87bf9743d7da214c40278 |