audit_manager.tf
locals {
  # Normalise var.audit_framework.controls into the shape the dynamic blocks of
  # aws_backup_framework.ab_framework iterate over: one object per control, with
  # a `parameters` list holding either zero or one {name, value} pair.
  #
  # NOTE(review): a half-specified pair (name set but value null/empty, or the
  # reverse) is dropped silently rather than rejected, so the control is still
  # created, just without that input parameter. For a compliance control this
  # can mean it is evaluated with something other than the intended threshold;
  # presumably the variable definition validates this, confirm against it.
  #
  # NOTE(review): at most one parameter per control is representable here.
  # Controls that accept several input parameters cannot be fully expressed
  # through parameter_name / parameter_value.
  framework_controls = [
    for c in var.audit_framework.controls : {
      name = c.name

      # Emit the pair only when both halves are present and non-empty;
      # otherwise hand the resource an empty list so no input_parameter
      # block is generated.
      parameters = (
        c.parameter_name != null && c.parameter_name != "" &&
        c.parameter_value != null && c.parameter_value != ""
        ) ? [
        {
          name  = c.parameter_name
          value = c.parameter_value
        }
      ] : []
    }
  ]
}
# AWS Backup Audit Manager framework built from var.audit_framework.
# The resource exists only when var.audit_framework.create is true.
#
# NOTE(review): Audit Manager controls are evaluated through AWS Config, so
# confirm that resource tracking is enabled in the target account and region;
# this file does not set that up.
resource "aws_backup_framework" "ab_framework" {
  count = var.audit_framework.create ? 1 : 0

  name        = var.audit_framework.name
  description = var.audit_framework.description

  # var.tags is passed through unconditionally; an empty or null value simply
  # results in no tags being set.
  tags = var.tags

  # Framework operations are allowed up to 20 minutes each.
  timeouts {
    create = "20m"
    update = "20m"
    delete = "20m"
  }

  # One control block per entry of local.framework_controls.
  # NOTE(review): no `scope` block is generated, so every control is created
  # unscoped; confirm that evaluating all resources is the intended coverage.
  dynamic "control" {
    for_each = local.framework_controls
    iterator = ctl

    content {
      name = ctl.value.name

      # `parameters` is a list of zero or one pairs, so this yields an
      # input_parameter block only when the control carries a parameter.
      dynamic "input_parameter" {
        for_each = ctl.value.parameters
        iterator = param

        content {
          name  = param.value.name
          value = param.value.value
        }
      }
    }
  }
}
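# Note: The AWS provider does not currently support framework policy assignment.
# Manage framework policy assignments through the AWS Console or the AWS CLI instead.
# Assignments made that way live outside Terraform state, so `terraform plan` will
# not report drift on them.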