AWS RDS Aurora Terraform module

Upstream version 10.2.0
4 controls from ACSC Essential Eight requirements

Terraform Module Source

acscessentialeight.compliance.tf/terraform-aws-modules/rds-aurora/aws

Behavioral Summary

This module modifies 3 variable defaults and makes 0 resource changes from the upstream module. All changes are driven by compliance controls and can be reviewed in detail below.

Your Code Impact

If you are migrating from the upstream module, the enforced default changes mean your existing configurations will automatically gain compliance controls. Variables you have explicitly set will continue to use your values. Review the diff below to understand exactly what changes.

Compared to terraform-aws-modules/rds-aurora/aws@10.2.0: 3 changes

Variables Changed: 3

| Variable | Upstream | CTF | Reason | Control |
| --- | --- | --- | --- | --- |
| backtrack_window | - | 72 | This control checks whether AWS Aurora clusters have backtracking enabled. Backups help you to recover more quickly from a security incident. They also strengthen the resilience of your systems. Aurora backtracking reduces the time to recover a database to a point in time. It does not require a database restore to do so. | rds_db_cluster_aurora_backtracking_enabled |
| enabled_cloudwatch_logs_exports | [] | [ "audit" ] | This control checks whether an Amazon Aurora MySQL DB cluster has audit logging enabled. The control fails if an Aurora MySQL DB cluster doesn't have audit logging enabled. | rds_db_cluster_aurora_mysql_audit_logging_enabled |
| iam_database_authentication_enabled | - | true | Checks if an AWS RDS Cluster has AWS Identity and Access Management (IAM) authentication enabled. The rule is non-compliant if an RDS Cluster does not have IAM authentication enabled. | rds_db_cluster_iam_authentication_enabled |