All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Updated scripts to work with Amazon Linux 2023
- Reformat markdown files for compliance
- Enabled service access principal for GuardDuty separately and not via import-org
- terraform apply option for import-org
- Automation to dynamically update guardduty.amazonaws.com to the list of service access principals in the organization; prior to this update this was to be done manually
- Aligned with the AWS SRA to re-locate the KMS key to the security account; prior to this change this key was created in the logging account
- Updated required version from = 0.14.6 to >= 0.14.6 to add support for higher versions of Terraform; tested with version 1.2.8
- CloudFormation templates to create IAM roles in the management account
- Scripts to populate the templates with values in configuration file
- Script generate-tfvars.sh to generate backend.tf and terraform.tfvars code files for each Terraform module
- Updated scripts to work on Amazon Linux 2
- Configuration file with default values
- Script to perform full setup
- Terraform code generation of Python scripts to dynamically generate GuardDuty-enabled code for allowed regions
- Consolidated to a 2-step deploy
- Hardcoded regions list and added API calls to create the 'allowed' regions list from an intersection of regions where GuardDuty is available and another list of regions that are enabled and opted in for the delegated administrator account
- Initial version