AWS S3 Bucket Module

This module creates an AWS S3 bucket and, optionally, custom IAM policies for it: Read_Only, WriteRead_Only, and FullAccess.

Example

```hcl
# main.tf
module "s3_bucket" {
  source = "git::https://github.com/lpavliuk/Terraform-Modules.git//aws_s3_bucket"

  bucket_prefix       = "bucket-name-"
  enable_versioning   = true
  create_iam_policies = false

  noncurrent_version_expiration_days = 14
}
```

Requirements

| Name | Version |
|------|---------|
| terraform | < 2.0.0, >= 1.6.6 |
| aws | < 6.0, >= 5.22 |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| bucket_prefix | Bucket prefix. The full bucket name will be generated by the AWS module | `string` | n/a | yes |
| is_public | Defines whether the bucket is public | `bool` | `false` | no |
| enable_versioning | Enable bucket versioning | `bool` | `false` | no |
| create_iam_policies | Create custom IAM policies: Read_Only, WriteRead_Only, and FullAccess | `bool` | `false` | no |
| keep_last_versions_number | Number of last non-current versions to retain forever | `number` | `0` | no |
| current_version_expiration_days | Number of days after which a current version expires. NOTE: 0 disables the expiration | `number` | `0` | no |
| noncurrent_version_expiration_days | Number of days after which a non-current version expires | `number` | `30` | no |
| version_transitions | Version transitions settings. Available storage_class: GLACIER, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, DEEP_ARCHIVE, GLACIER_IR | `list(object({ keep_last_versions_number = optional(number), after_days = number, storage_class = string }))` | `[]` | no |
| expired_object_delete_marker | Indicates whether Amazon S3 will remove a delete marker with no noncurrent versions. Conflicts with current_version_expiration_days | `bool` | `true` | no |
| abort_incomplete_multipart_upload_after_days | Days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload | `number` | `1` | no |
| enable_replication | Enable bucket replication | `bool` | `false` | no |
| replica_bucket_arn | ARN of the S3 bucket that objects will be replicated to | `string` | `""` | no |
| delete_marker_replication | Enable delete marker replication | `bool` | `false` | no |
| aws_cli_profile | AWS CLI profile used for this module. Used to execute AWS CLI local-exec commands that are absent in Terraform | `string` | `""` | no |
| force_destroy | Allow S3 bucket destruction regardless of existing objects | `bool` | `false` | no |

Outputs

| Name | Description |
|------|-------------|
| id | Bucket ID |
| arn | Bucket ARN |
| name | Bucket Name |
| domain_name | Bucket Regional Domain Name |
| cross_region_replication | Bucket replication enabled status |
| replica_bucket_arn | Replica bucket ARN that objects are replicated to |
| iam_policy_read_only_arn | Custom Read Only IAM Policy ARN |
| iam_policy_write_read_only_arn | Custom Write and Read Only IAM Policy ARN |
| iam_policy_full_access_arn | Custom Full Access IAM Policy ARN |
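
A fuller call to the module, added here as an illustration and not taken from the module's repository: it keeps the bucket private, turns on versioning with tiered transitions, and grants a consumer only the module's read-only policy. The module label `logs_bucket`, the prefix, the day counts, the role `app-reader` and its EC2 trust policy are assumptions; the input and output names are the ones listed in the Inputs and Outputs tables.

```hcl
# Added example (not from the module's repository).
module "logs_bucket" {
  source = "git::https://github.com/lpavliuk/Terraform-Modules.git//aws_s3_bucket"

  bucket_prefix = "app-logs-" # assumed prefix

  # Spell out the protective defaults so a code review sees them.
  is_public     = false
  force_destroy = false

  enable_versioning                  = true
  noncurrent_version_expiration_days = 365 # assumed retention

  # Each entry follows the object type from the Inputs table;
  # keep_last_versions_number is optional and omitted here.
  version_transitions = [
    { after_days = 30, storage_class = "STANDARD_IA" },
    { after_days = 90, storage_class = "GLACIER" },
  ]

  # Needed for the iam_policy_*_arn outputs used below.
  create_iam_policies = true
}

# Hypothetical consumer role: trusted by EC2, read-only on the bucket.
data "aws_iam_policy_document" "assume_ec2" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "app_reader" {
  name               = "app-reader"
  assume_role_policy = data.aws_iam_policy_document.assume_ec2.json
}

# Attach the narrowest policy the module offers instead of FullAccess.
resource "aws_iam_role_policy_attachment" "app_reader_s3" {
  role       = aws_iam_role.app_reader.name
  policy_arn = module.logs_bucket.iam_policy_read_only_arn
}
```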

Resources

| Name | Type |
|------|------|
| aws_iam_policy.full_access | resource |
| aws_iam_policy.read_only | resource |
| aws_iam_policy.write_read_only | resource |
| aws_iam_role.replication | resource |
| aws_iam_role.s3_batch_operation | resource |
| aws_s3_bucket.this | resource |
| aws_s3_bucket_acl.this | resource |
| aws_s3_bucket_lifecycle_configuration.this | resource |
| aws_s3_bucket_ownership_controls.this | resource |
| aws_s3_bucket_public_access_block.this | resource |
| aws_s3_bucket_replication_configuration.replication | resource |
| aws_s3_bucket_versioning.this | resource |
| null_resource.s3_batch_operation | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.replica_role | data source |
| aws_iam_policy_document.replication | data source |
| aws_iam_policy_document.s3_batch_operation | data source |
| aws_iam_policy_document.s3_batch_operation_role | data source |
| aws_region.current | data source |