Terraform Modules for AWS API & Application Integration Terraform AWS Step Functions State machines with IAM execution roles, logging, tracing, retries, timeouts, and workflow definitions for auditable application orchestration.
Controls enforced These compliance controls are checked at terraform plan time.
Quick start ACSC Essential Eight EU GMP Annex 11 ISO/IEC 27001:2022 NIS2 Directive (EU 2022/2555) PCI DSS v4.0 SOC 2
module "step-functions" { source = "acscessentialeight.compliance.tf/terraform-aws-modules/step-functions/aws" version = "1.0" # ... your arguments here } module "step-functions" { source = "eugmpannex11.compliance.tf/terraform-aws-modules/step-functions/aws" version = "1.0" # ... your arguments here } module "step-functions" { source = "iso27001.compliance.tf/terraform-aws-modules/step-functions/aws" version = "1.0" # ... your arguments here } module "step-functions" { source = "nis2.compliance.tf/terraform-aws-modules/step-functions/aws" version = "1.0" # ... your arguments here } module "step-functions" { source = "pcidss.compliance.tf/terraform-aws-modules/step-functions/aws" version = "1.0" # ... your arguments here } module "step-functions" { source = "soc2.compliance.tf/terraform-aws-modules/step-functions/aws" version = "1.0" # ... your arguments here } See the Get Started guide and Registry Endpoints for details on how to customize the module for your requirements.
Migration from upstream Already using terraform-aws-modules? Change only the source URL:
Before After
module "step-functions" { source = "terraform-aws-modules/step-functions/aws" version = "1.0" } module "step-functions" { source = "soc2.compliance.tf/terraform-aws-modules/step-functions/aws" version = "1.0" } Same arguments. Same outputs. Controls are checked at terraform plan. See the Migration Guide for step-by-step instructions.
Reversibility No lock-in. Switch back by reverting the source URL:
module "step-functions" { source = "terraform-aws-modules/step-functions/aws" } Run terraform init -upgrade. Terraform state is unchanged — same resource addresses, same provider, no compliance.tf-specific resources. Controls you already applied remain in AWS.
Mapped compliance frameworks ACSC Essential Eight EU GMP Annex 11 ISO/IEC 27001:2022 NIS2 Directive (EU 2022/2555) PCI DSS v4.0 SOC 2
ACSC-EE-ML2-7.7: Multi-factor authentication ML2
10.2.1.1: Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.
10.2.1.2: Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.
10.2.1.3: Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.
10.2.1.4: Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.
10.2.1.5: Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.
10.2.1.6: Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.
10.2.1.7: Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.
10.2.1: Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.
10.2.2: Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.
10.3.1: Audit logs are protected from destruction and unauthorized modifications.
10.6.3: Time-synchronization mechanisms support consistent time settings across all systems.
5.3.4: Anti-malware mechanisms and processes are active, maintained, and monitored.
A1.2.1: Multi-tenant service providers facilitate logging and incident response for all customers.
A1.2.3: Processes or mechanisms are implemented for reporting and addressing suspected or confirmed security incidents and vulnerabilities
A1.2 The entity authorizes, designs, develops or acquires, implements, operates, approves, maintains, and monitors environmental protections, software, data back-up processes, and recovery infrastructure to meet its objectives
PI1.3 Data is processed completely, accurately, and timely as authorized to meet the entity's processing integrity commitments and system requirements
Framework coverage Which controls from this module are active under each framework endpoint.
● enforced by default · ○ not activated by this endpoint
