From ad6148787c972c4a4501738275563fd220107945 Mon Sep 17 00:00:00 2001
From: rnjsdbwlsqwer
Date: Thu, 3 Jul 2025 18:41:13 +0900
Subject: [PATCH 1/3] =?UTF-8?q?=ED=8C=8C=EC=9D=BC=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 identity-team-account/s.tf | 0
 operation-team-account/s.tf | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 identity-team-account/s.tf
 create mode 100644 operation-team-account/s.tf
diff --git a/identity-team-account/s.tf b/identity-team-account/s.tf
new file mode 100644
index 0000000..e69de29
diff --git a/operation-team-account/s.tf b/operation-team-account/s.tf
new file mode 100644
index 0000000..e69de29
From 3d0b9a8c4282ffcc092491ac565ca3239e827045 Mon Sep 17 00:00:00 2001
From: imyourhopeee <144752063+imyourhopeee@users.noreply.github.com>
Date: Fri, 4 Jul 2025 17:41:01 +0900
Subject: [PATCH 2/3] d
---
 identity-team-account/s3/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/identity-team-account/s3/main.tf b/identity-team-account/s3/main.tf
index 25807eb..0120d24 100644
--- a/identity-team-account/s3/main.tf
+++ b/identity-team-account/s3/main.tf
@@ -84,7 +84,7 @@ resource "aws_dynamodb_table" "resource_locks" {
 for_each = toset(local.resources)
 name = "${each.key}-identity-lock"
 billing_mode = "PAY_PER_REQUEST"
- hash_key = "LockID"
+ hash_key = "LockID"
 attribute {
 name = "LockID"
From fa44e948bb1b5847514085fb2d5f118e04175887 Mon Sep 17 00:00:00 2001
From: imyourhopeee <144752063+imyourhopeee@users.noreply.github.com>
Date: Fri, 4 Jul 2025 17:44:32 +0900
Subject: [PATCH 3/3] change file
---
 identity-team-account/s3/main.tf | 206 +++++++++++++++----------------
 1 file changed, 103 insertions(+), 103 deletions(-)
diff --git a/identity-team-account/s3/main.tf b/identity-team-account/s3/main.tf
index 0120d24..6b225a5 100644
--- a/identity-team-account/s3/main.tf
+++ b/identity-team-account/s3/main.tf
@@ -1,103 +1,103 @@
-terraform {
- required_providers {
- aws = {
- source = "hashicorp/aws"
- }
- }
-}
-
-provider "aws" {
- region = "ap-northeast-2"
-}
-
-# S3 버킷 생성
-resource "aws_s3_bucket" "state_org" {
- bucket = "cloudfence-identity-bucket"
-
- lifecycle {
- prevent_destroy = true
- }
-
- tags = {
- Name = "Terraform State Bucket"
- Environment = "identity"
- }
-}
-
-# 버킷 버전 관리
-resource "aws_s3_bucket_versioning" "state_org_versioning" {
- bucket = aws_s3_bucket.state_org.id
-
- versioning_configuration {
- status = "Enabled"
- }
-}
-
-# 버킷 소유권 제어
-resource "aws_s3_bucket_ownership_controls" "ownership" {
- bucket = aws_s3_bucket.state_org.id
-
- rule {
- object_ownership = "ObjectWriter"
- }
-}
-
-# 퍼블릭 접근 차단
-resource "aws_s3_bucket_public_access_block" "state_org_block" {
- bucket = aws_s3_bucket.state_org.id
- block_public_acls = true
- block_public_policy = true
- ignore_public_acls = true
- restrict_public_buckets = true
-}
-
-# S3 암호화를 위한 KMS 키
-resource "aws_kms_key" "s3_key" {
- description = "KMS key for S3 encryption"
- enable_key_rotation = true
-}
-
-# S3 버킷 서버 측 암호화
-resource "aws_s3_bucket_server_side_encryption_configuration" "encryption" {
- bucket = aws_s3_bucket.state_org.id
-
- rule {
- apply_server_side_encryption_by_default {
- sse_algorithm = "aws:kms"
- kms_master_key_id = aws_kms_key.s3_key.arn
- }
- }
-}
-
-# 리소스 단위 Lock Table
-
-locals {
- resources = [
- "cloudwatch",
- "firehose",
- "opensearch",
- "securitylake"
- ]
-}
-
-resource "aws_dynamodb_table" "resource_locks" {
- for_each = toset(local.resources)
- name = "${each.key}-identity-lock"
- billing_mode = "PAY_PER_REQUEST"
- hash_key = "LockID"
-
- attribute {
- name = "LockID"
- type = "S"
- }
-
- # 서버 측 암호화 설정
- server_side_encryption {
- enabled = true # 서버 측 암호화 활성화
- }
-
- tags = {
- Name = "${each.key} Lock Table"
- Environment = "identity"
- }
-}
\ No newline at end of file
+# terraform {
+# required_providers {
+# aws = {
+# source = "hashicorp/aws"
+# }
+# }
+# }
+
+# provider "aws" {
+# region = "ap-northeast-2"
+# }
+
+# # S3 버킷 생성
+# resource "aws_s3_bucket" "state_org" {
+# bucket = "cloudfence-identity-bucket"
+
+# lifecycle {
+# prevent_destroy = true
+# }
+
+# tags = {
+# Name = "Terraform State Bucket"
+# Environment = "identity"
+# }
+# }
+
+# # 버킷 버전 관리
+# resource "aws_s3_bucket_versioning" "state_org_versioning" {
+# bucket = aws_s3_bucket.state_org.id
+
+# versioning_configuration {
+# status = "Enabled"
+# }
+# }
+
+# # 버킷 소유권 제어
+# resource "aws_s3_bucket_ownership_controls" "ownership" {
+# bucket = aws_s3_bucket.state_org.id
+
+# rule {
+# object_ownership = "ObjectWriter"
+# }
+# }
+
+# # 퍼블릭 접근 차단
+# resource "aws_s3_bucket_public_access_block" "state_org_block" {
+# bucket = aws_s3_bucket.state_org.id
+# block_public_acls = true
+# block_public_policy = true
+# ignore_public_acls = true
+# restrict_public_buckets = true
+# }
+
+# # S3 암호화를 위한 KMS 키
+# resource "aws_kms_key" "s3_key" {
+# description = "KMS key for S3 encryption"
+# enable_key_rotation = true
+# }
+
+# # S3 버킷 서버 측 암호화
+# resource "aws_s3_bucket_server_side_encryption_configuration" "encryption" {
+# bucket = aws_s3_bucket.state_org.id
+
+# rule {
+# apply_server_side_encryption_by_default {
+# sse_algorithm = "aws:kms"
+# kms_master_key_id = aws_kms_key.s3_key.arn
+# }
+# }
+# }
+
+# # 리소스 단위 Lock Table
+
+# locals {
+# resources = [
+# "cloudwatch",
+# "firehose",
+# "opensearch",
+# "securitylake"
+# ]
+# }
+
+# resource "aws_dynamodb_table" "resource_locks" {
+# for_each = toset(local.resources)
+# name = "${each.key}-identity-lock"
+# billing_mode = "PAY_PER_REQUEST"
+# hash_key = "LockID"
+
+# attribute {
+# name = "LockID"
+# type = "S"
+# }
+
+# # 서버 측 암호화 설정
+# server_side_encryption {
+# enabled = true # 서버 측 암호화 활성화
+# }
+
+# tags = {
+# Name = "${each.key} Lock Table"
+# Environment = "identity"
+# }
+# }
\ No newline at end of file
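Review bot: Commenting out every block in identity-team-account/s3/main.tf takes the state bucket, its versioning, ownership, public-access-block and SSE configuration, the KMS key and the four lock tables out of configuration, so if this directory's state still tracks them the next plan will propose destroying them. `prevent_destroy = true` on `aws_s3_bucket.state_org` gives no protection here, because the lifecycle block is commented out together with the resource it guards. Scheduling `aws_kms_key.s3_key` for deletion would eventually leave any objects encrypted under it unreadable, and dropping the public access block and encryption configuration weakens the bucket that is tagged as holding Terraform state. If the intent is to hand these resources to another configuration (not visible in this patch), release them from state without destroying them as sketched below (needs Terraform 1.7 or later; `terraform state rm` otherwise), and delete the old blocks instead of keeping 103 commented lines that git history already preserves.

```hcl
# … unchanged: terraform / provider blocks stay active so the plan can run …

removed {
  from = aws_s3_bucket.state_org

  lifecycle {
    destroy = false
  }
}

removed {
  from = aws_kms_key.s3_key

  lifecycle {
    destroy = false
  }
}

# … one removed block each for the versioning, ownership, public access block,
#   encryption and aws_dynamodb_table.resource_locks addresses …
```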