Skip to content

Latest commit

 

History

History
84 lines (62 loc) · 3.24 KB

README.md

File metadata and controls

84 lines (62 loc) · 3.24 KB

terraform-aws-s3-upload

Creates the relevant infrastructure needed to handle AWS S3 file uploads.

Anti-virus Scanning

Anti-virus scanning is handled via an AWS Lambda function using bucket-antivirus-function.

This package will need to be made and uploaded to wherever you keep Lambda artifacts. This bucket corresponds to the lambda_s3_bucket configuration variable you pass to this module.

git clone git@github.com:upsidetravel/bucket-antivirus-function.git
cd bucket-antivirus-function
git checkout v2.0.0

With that repo checked out you must run the make all command and then copy the resulting zip file to AWS S3 with:

VERSION=2.0.0
aws s3 cp bucket-antivirus-function/build/lambda.zip "s3://${lambda_s3_bucket}/anti-virus/${VERSION}/anti-virus.zip"

Requirements

Name Version
terraform >= 1.0
aws >= 3.0

Providers

Name Version
aws >= 3.0

Modules

Name Source Version
file_uploads_s3_bucket trussworks/s3-private-bucket/aws ~> 4.3.0
file_uploads_s3_logging_bucket trussworks/logs/aws ~> 14.2.0
s3_anti_virus trussworks/s3-anti-virus/aws ~> 3.2.0
virus_scan_s3_bucket trussworks/s3-private-bucket/aws ~> 4.3.0

Resources

Name Type
aws_caller_identity.current data source
aws_partition.current data source
aws_region.current data source

Inputs

Name Description Type Default Required
application_name The name of the application string n/a yes
av_status_sns_arn SNS topic ARN to publish scan results to string n/a yes
cloudwatch_logs_retention_days Number of days to keep logs in AWS CloudWatch. string 90 no
cors_rules List of maps containing rules for Cross-Origin Resource Sharing. list(any) [] no
create_logging_bucket Whether to create a new bucket for S3 access logs. bool false no
environment Environment level. string "dev" no
file_uploads_bucket The name of the S3 bucket used to store the uploads. string n/a yes
lambda_s3_bucket The name of the S3 bucket where the lambda build artifact is stored string n/a yes
logging_bucket The name of the S3 bucket used for S3 access logs. string "" no
region Application region. string "us-west-2" no
s3_logs_retention_days Number of days to keep logs in S3. string 90 no
tags A map of tags to add to all resources. map(string) {} no
virus_scanning_bucket The name of the S3 bucket used to store virus scanning tools. string n/a yes

Outputs

Name Description
file_uploads_bucket_arn ARN of the file uploads bucket