This module adds an AWS account to Rubrik Security Cloud (RSC/Polaris).
There are a few services you'll need in order to get this project off the ground:
- Terraform v1.5.6 or greater
- Rubrik Polaris Provider for Terraform - provides Terraform functions for Rubrik Security Cloud (Polaris)
- Install the AWS CLI - Needed for Terraform to authenticate with AWS
# Setting up an AWS account that will use all features.
module "polaris-aws-cloud-native" {
source = "rubrikinc/polaris-cloud-native/aws"
aws_account_name = "my_aws_account_hosted_exocompute"
aws_account_id = "123456789012"
aws_regions = ["us-west-2","us-east-1"]
rsc_credentials = "../.creds/customer-service-account.json"
rsc_aws_features = [
{
name = "CLOUD_NATIVE_PROTECTION",
permission_groups = []
},
{
name = "RDS_PROTECTION",
permission_groups = []
},
{
name = "CLOUD_NATIVE_S3_PROTECTION"
permission_groups = []
},
{
name = "EXOCOMPUTE"
permission_groups = []
},
{
name = "CLOUD_NATIVE_ARCHIVAL",
permission_groups = []
}
]
}| Name | Version |
|---|---|
| terraform | >=1.5.6 |
| aws | ~>5.26.0 |
| polaris | =0.8.0-beta.16 |
| Name | Version |
|---|---|
| aws | 5.26.0 |
| polaris | 0.8.0-beta.15 |
| Name | Type |
|---|---|
| aws_iam_instance_profile.profile | resource |
| aws_iam_role.rsc_roles | resource |
| polaris_aws_cnp_account.account | resource |
| polaris_aws_cnp_account_attachments.attachments | resource |
| polaris_aws_cnp_account_trust_policy.trust_policy | resource |
| polaris_aws_cnp_artifacts.artifacts | data source |
| polaris_aws_cnp_permissions.permissions | data source |
No modules.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws_account_id | AWS account ID to protect with Rubrik Security Cloud. | string |
n/a | yes |
| aws_account_name | AWS account name to protect with Rubrik Security Cloud. | string |
n/a | yes |
| aws_ec2_recovery_role_path | EC2 recovery role path for the cross account role. | string |
"" |
no |
| aws_external_id | External ID for the AWS cross account role. If left empty, RSC will automatically generate an external ID. | string |
"" |
no |
| aws_profile | AWS profile to use for the Rubrik Security Cloud account. | string |
n/a | yes |
| aws_regions | AWS regions to protect with Rubrik Security Cloud. | set(string) |
n/a | yes |
| aws_role_path | AWS role path for cross account role. | string |
"/" |
no |
| rsc_aws_delete_snapshots_on_destroy | Delete snapshots in AWS when account is removed from Rubrik Security Cloud. | bool |
false |
no |
| rsc_aws_features | RSC features with permission groups. | set(object({ |
n/a | yes |
| rsc_cloud_type | AWS cloud type in RSC. | string |
"STANDARD" |
no |
| rsc_credentials | Path to the Rubrik Security Cloud service account file. | string |
n/a | yes |
| Name | Description |
|---|---|
| aws_eks_worker_node_role_arn | n/a |
| aws_iam_cross_account_role_arn | n/a |
| cluster_master_role_arn | n/a |
| rsc_aws_cnp_account_id | n/a |
| worker_instance_profile | n/a |