A Terraform module that creates an AWS Firewall Manager policy.
- See Example Codes for full details.
Name | Version |
---|---|
terraform | >= 1.4.6 |
aws | >= 5.82.2 |
Name | Version |
---|---|
aws | >= 5.82.2 |
No modules.
Name | Type |
---|---|
aws_fms_policy.this | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
delete_all_policy_resources | (Optional) If true, the request will also perform a clean-up process. Defaults to true. | bool | true | no |
delete_unused_fm_managed_resources | (Optional) If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to false. | bool | false | no |
description | (Optional) The description of the AWS Network Firewall firewall policy. | string | null | no |
exclude_map | (Optional) A map of lists of accounts and OUs to exclude from the policy. | map(list(string)) | {} | no |
exclude_resource_tags | (Required, Forces new resource) A boolean value; if true, the tags that are specified in the resource_tags are not protected by this policy. If set to false and resource_tags are populated, resources that contain tags will be protected by this policy. | bool | false | no |
include_map | (Optional) A map of lists of accounts and OUs to include in the policy. | map(list(string)) | {} | no |
managed_service_data | (Optional) A list of resource types to protect. Conflicts with resource_type. | any | n/a | yes |
name | (Required, Forces new resource) The friendly name of the AWS Firewall Manager Policy. | string | n/a | yes |
remediation_enabled | (Required) A boolean value that indicates whether the policy should be automatically applied to resources that already exist in the account. | bool | false | no |
resource_tags | (Optional) A map of resource tags that, if present, will filter protections on resources based on the exclude_resource_tags. | map(string) | {} | no |
resource_type_list | (Optional) A list of resource types to protect. | list(string) | [] | no |
tags | (Optional) Key-value mapping of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level. | map(string) | {} | no |
type | (Required, Forces new resource) The service that the policy is using to protect the resources. | string | n/a | yes |
Name | Description |
---|---|
aws_fms_policy_description | The Description of the AWS Firewall Manager policy. |
aws_fms_policy_exclude_map | The Exclude Map of the AWS Firewall Manager policy. |
aws_fms_policy_id | The ID of the AWS Firewall Manager policy. |
aws_fms_policy_include_map | The Include Map of the AWS Firewall Manager policy. |
aws_fms_policy_name | The Name of the AWS Firewall Manager policy. |
aws_fms_policy_policy_update_token | A unique identifier for each update to the policy. |
aws_fms_policy_tags_all | A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block. |