diff --git a/examples/nonprod/terraform.tf b/examples/nonprod/terraform.tf
index e69de29b..aa40eb43 100644
--- a/examples/nonprod/terraform.tf
+++ b/examples/nonprod/terraform.tf
@@ -0,0 +1,38 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.12.0"
+ }
+
+ archive = {
+ source = "hashicorp/archive"
+ version = "~> 2.2.0"
+ }
+
+ null = {
+ source = "hashicorp/null"
+ version = "~> 3.1.0"
+ }
+
+ random = {
+ source = "hashicorp/random"
+ version = "~> 3.1.0"
+ }
+ }
+}
+
+provider "aws" {
+ default_tags {
+ tags = {
+ "service" = "domain-protect"
+ "owner" = "security"
+ "environment" = "nonprod"
+ "managed_by" = "terraform"
+ }
+ }
+}
+
+provider "archive" {}
+provider "null" {}
+provider "random" {}
diff --git a/examples/organizations/main.tf b/examples/organizations/main.tf
index 2bfaa2f0..e41e9130 100644
--- a/examples/organizations/main.tf
+++ b/examples/organizations/main.tf
@@ -1,3 +1,15 @@
 module "domain_protect" {
 source = "../../"
+
+ scan_schedule = "60 minutes"
+ update_schedule = "3 hours"
+ ip_scan_schedule = "24 hours"
+
+ takeover = true
+}
+
+resource "aws_iam_role" "domain_protect_org_role" {
+ provider = aws.org
+
+ assume_role_policy = "UPDATE FROM DOCS"
 }
diff --git a/examples/organizations/terraform.tf b/examples/organizations/terraform.tf
index e69de29b..9eb38163 100644
--- a/examples/organizations/terraform.tf
+++ b/examples/organizations/terraform.tf
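Review bot: The `terraform` block added in examples/nonprod/terraform.tf constrains the four providers but sets no `required_version`, so the example runs with whatever Terraform CLI happens to be installed. Adding `required_version = "<constraint used by the root module>"` (placeholder) next to `required_providers` keeps the example aligned with the module it calls. The same applies to the identical blocks added in examples/organizations/terraform.tf and examples/prod/terraform.tf.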
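Review bot: In examples/organizations/main.tf, `assume_role_policy = "UPDATE FROM DOCS"` is not a JSON policy document, so the example cannot be applied as written, and it gives the reader no indication of how narrow the trust policy should be. This attribute decides who may assume the role created through the `aws.org` provider (presumably in the organization account), so a skeleton that names a single principal is safer to copy than a free-text placeholder. The resource also sets no `name`, so Terraform will generate one; whether the module expects a fixed role name cannot be told from this hunk and is worth a comment. A possible shape, with the principal left as a labelled placeholder:

```hcl
resource "aws_iam_role" "domain_protect_org_role" {
  # … unchanged: provider = aws.org …

  # Trust policy: allow only the role that domain-protect runs as to assume this role.
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect    = "Allow"
      Action    = "sts:AssumeRole"
      Principal = { AWS = "<ARN_OF_DOMAIN_PROTECT_ROLE>" } # placeholder, take the value from the docs
    }]
  })
```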
@@ -0,0 +1,60 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.12.0"
+ }
+
+ archive = {
+ source = "hashicorp/archive"
+ version = "~> 2.2.0"
+ }
+
+ null = {
+ source = "hashicorp/null"
+ version = "~> 3.1.0"
+ }
+
+ random = {
+ source = "hashicorp/random"
+ version = "~> 3.1.0"
+ }
+ }
+}
+
+provider "aws" {
+
+ assume_role {
+ role_arn = "arn:aws:iam::1234567890:role/OrgRole"
+ }
+
+ default_tags {
+ tags = {
+ "service" = "domain-protect"
+ "owner" = "security"
+ "environment" = "nonprod"
+ "managed_by" = "terraform"
+ }
+ }
+}
+
+provider "aws" {
+ alias = "org"
+
+ assume_role {
+ role_arn = "arn:aws:iam::1234567890:role/OrgRole"
+ }
+
+ default_tags {
+ tags = {
+ "service" = "domain-protect"
+ "owner" = "security"
+ "environment" = "prod"
+ "managed_by" = "terraform"
+ }
+ }
+}
+
+provider "archive" {}
+provider "null" {}
+provider "random" {}
diff --git a/examples/prod/main.tf b/examples/prod/main.tf
index 2bfaa2f0..a98994c6 100644
--- a/examples/prod/main.tf
+++ b/examples/prod/main.tf
@@ -1,3 +1,9 @@
 module "domain_protect" {
 source = "../../"
+
+ scan_schedule = "60 minutes"
+ update_schedule = "3 hours"
+ ip_scan_schedule = "24 hours"
+
+ takeover = true
 }
diff --git a/examples/prod/terraform.tf b/examples/prod/terraform.tf
index e69de29b..30170061 100644
--- a/examples/prod/terraform.tf
+++ b/examples/prod/terraform.tf
@@ -0,0 +1,38 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.12.0"
+ }
+
+ archive = {
+ source = "hashicorp/archive"
+ version = "~> 2.2.0"
+ }
+
+ null = {
+ source = "hashicorp/null"
+ version = "~> 3.1.0"
+ }
+
+ random = {
+ source = "hashicorp/random"
+ version = "~> 3.1.0"
+ }
+ }
+}
+
+provider "aws" {
+ default_tags {
+ tags = {
+ "service" = "domain-protect"
+ "owner" = "security"
+ "environment" = "prod"
+ "managed_by" = "terraform"
+ }
+ }
+}
+
+provider "archive" {}
+provider "null" {}
+provider "random" {}
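Review bot: In examples/organizations/terraform.tf the default `aws` provider and the `org` alias both assume `arn:aws:iam::1234567890:role/OrgRole`, so the module's resources and the `aws.org` role would be created in the same account under the same role; only the `environment` tag (`nonprod` vs `prod`) differs between the two blocks. This looks like a copy-paste: if the default provider is meant to target a separate security account, it should assume a different role (or none), and the two tag values should agree with the intended environment. The sample account ID also has ten digits where AWS account IDs have twelve, so a labelled placeholder such as `role_arn = "arn:aws:iam::<ORG_ACCOUNT_ID>:role/OrgRole"` would be clearer to copy from.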
diff --git a/variables.tf b/variables.tf index 67e7dfb7..5c04c00b 100644 --- a/variables.tf +++ b/variables.tf @@ -61,7 +61,7 @@ variable "lambdas" { variable "takeover" { description = "Create supported resource types to prevent malicious subdomain takeover" - default = true + default = false } variable "update_lambdas" {
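Review bot: Changing `default = true` to `default = false` for `takeover` in variables.tf silently switches the takeover protection off for every existing caller that relied on the default, and nothing in the variable documents that. The description should state that the feature is now opt-in, e.g. `description = "Create supported resource types to prevent malicious subdomain takeover (opt-in, default false)"`, and adding `type = bool` would make the expected type explicit. The examples in this commit set `takeover = true` themselves, but an upgrade note for existing deployments is still worth adding.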