Skip to content

darktrace/terraform-aws-mirror-on-new-instance

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
files
files
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
eventbridge_rule.tf
eventbridge_rule.tf
 
 
lambda-iam.tf
lambda-iam.tf
 
 
lambda.tf
lambda.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

Repository files navigation

Overview

This Quick Start terraform module deploys Lambda function on the Amazon Web Services (AWS) Cloud.

This Lambda function creates mirror session for newly created EC2 instances by matching a certain tag key value pair.

This module can be combined with the terraform-aws-vsensor module.

Usage

Before you start

The Lambda function creates mirror sessions for all newly created instances with the selected tag_key / tag_value.

Deploy the module

module "lambda_mirror_new_instance" {
  source = "git::https://github.com/darktrace/terraform-aws-mirror-on-new-instance?ref=<version>"

  session_number           = "1"
  tag_key                  = "Mirroring"
  tag_value                = "True"
  traffic_mirror_filter_id = "tmt-xxxxxxxxxxxxxxxxx"
  traffic_mirror_target_id = "tmf-xxxxxxxxxxxxxxxxx"
  virtual_network_id       = "1"
}

Deploy the module together with the vSensor module

module "lambda_mirror_new_instance" {
  source = "git::https://github.com/darktrace/terraform-aws-mirror-on-new-instance?ref=<version>"

  session_number           = "1"
  tag_key                  = "Mirroring"
  tag_value                = "True"
  traffic_mirror_filter_id = module.vsensors.traffic_mirror_filter_id
  traffic_mirror_target_id = module.vsensors.traffic_mirror_target_id
  virtual_network_id       = "1"
}

module "vsensors" {
  source = "git::https://github.com/darktrace/terraform-aws-vsensor?ref=<version>"

  deployment_prefix = "dt"

  vpc_enable            = true
  vpc_cidr              = "10.0.0.0/16"
  availability_zone     = ["eu-west-1a", "eu-west-1b"]
  private_subnets_cidrs = ["10.0.0.0/23", "10.0.2.0/23"]
  public_subnets_cidrs  = ["10.0.246.0/23", "10.0.248.0/23"]

  update_key           = "dt_update_key"
  push_token           = "dt_push_token"
  instance_host_name   = "dt-master-instance.com"

  desired_capacity = 2
  max_size         = 2
  min_size         = 2
}

Requirements

Name Version
terraform >= 1.6
archive ~> 2.4.2
aws >= 5.23

Providers

Name Version
archive ~> 2.4.2
aws >= 5.23

Modules

No modules.

Resources

Name Type
aws_cloudwatch_event_rule.new_instance resource
aws_cloudwatch_event_target.lambda resource
aws_iam_policy.mirror_lambda_minimal_permissions resource
aws_iam_role.mirror_lambda_permissions resource
aws_iam_role_policy_attachment.lambda_basic_execution_poicy resource
aws_iam_role_policy_attachment.mirror_lambda_minimal_permissions resource
aws_lambda_function.mirror_on_new_instance resource
aws_lambda_permission.allow_cloudwatch resource
archive_file.mirror_on_new_instance data source
aws_iam_policy.lambda_basic_execution_role data source
aws_iam_policy_document.mirror_lambda_minimal_permissions data source

Inputs

Name Description Type Default Required
lambda_architecture Architecture for your Lambda function. Valid values are x86_64 and arm64. Default is x86_64 list 
[
  "x86_64"
]
 no
session_number Session number. string n/a yes
tag_key Tag key. string n/a yes
tag_value Tag value. string n/a yes
traffic_mirror_filter_id Traffic mirror filter id. string n/a yes
traffic_mirror_target_id Traffic mirror target id. string n/a yes
virtual_network_id Virtual network id. string n/a yes

Outputs

No outputs.

Related Projects

Check out these related projects.

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases 4

1.1.0 Latest
Jul 3, 2025
+ 3 releases

Packages

 
 
 

Contributors

Languages