Terraform module for creating an S3 bucket.
Will be used for HashiTalks: Africa 2023.
Features:
- Creates an S3 bucket.
None.
See examples dropdown on Terraform Cloud, or browse here.
This module is tested during development using pytest and tftest. See the tests folder for further details, and in particular the testing readme.
This repo was created from terraform-aws-template.
This project is currently unlicenced. Please contact the maintaining team to add a licence.
Direct contributions are welcome.
See CONTRIBUTING.md for further information.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| bucket_logging_target_bucket | Target S3 bucket name for logging. | string | "" | no |
| bucket_logging_target_prefix | Target S3 bucket prefix for logging. | string | "" | no |
| create_aws_s3_bucket_lifecycle_configuration | Whether to enable the default aws_s3_bucket_lifecycle_configuration on the bucket. | bool | true | no |
| enable_attach_default_bucket_policy | Whether to attach the default bucket policy or not (default=true). You may wish to attach the bucket policy document separately, in which case it is an output from this module. | bool | true | no |
| enable_public_access_block | Whether to enable public_access_block on the bucket. | bool | true | no |
| enable_versioning | Whether to enable versioning on the bucket. | bool | true | no |
| force_destroy | Caution: Whether to automatically delete all objects from the bucket when it is destroyed. These objects are NOT recoverable. | bool | false | no |
| general_read_only_aws_principals | List of AWS principals to give read access to all bucket objects via bucket policy resource. | list(string) | [] | no |
| general_read_write_aws_principals | List of AWS principals to give read and write access to all bucket objects via bucket policy resource. | list(string) | [] | no |
| kms_key_id | KMS key ID to use for encrypting bucket objects. | string | null | no |
| name | Name for S3 bucket. Also see naming_method. | string | null | no |
| naming_method | Whether to use bucket, bucket_prefix or neither when creating the aws_s3_bucket resource. | string | "BUCKET" | no |
| tags | Map of additional tags to assign to created resources. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level. | map(string) | {} | no |
No modules.
| Name | Description |
|---|---|
| arn | The bucket ARN that is created. |
| bucket | The bucket that is created. |
| default_bucket_policy_document | Default bucket policy document, attached to the bucket if var.attach_default_bucket_policy=true. |
| id | The bucket id that is created. |
| kms_key_id | The KMS key ID used for encrypting bucket objects. |
| region | The bucket region. |
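
The inputs table notes that the default bucket policy can be attached separately from the module. The following is an added example, not taken from this repository, that does so and merges in a TLS-only deny statement. The module source, bucket name and principal ARN are placeholders or constructed values, and it assumes the `default_bucket_policy_document` output is a JSON policy string.

```hcl
module "app_bucket" {
  source = "<module-source>" # placeholder: registry address or git URL of this module

  name          = "example-app-data" # constructed bucket name
  naming_method = "BUCKET"

  # Keep the module's protective defaults explicit so they show up in review.
  enable_public_access_block = true
  enable_versioning          = true
  force_destroy              = false

  # Constructed principal ARN for illustration.
  general_read_only_aws_principals = ["arn:aws:iam::111122223333:role/example-reader"]

  # A bucket holds exactly one bucket policy, so the module must not attach
  # its own when the combined policy below is attached instead.
  enable_attach_default_bucket_policy = false
}

# Assumption: the output is a JSON string usable in source_policy_documents.
data "aws_iam_policy_document" "combined" {
  source_policy_documents = [module.app_bucket.default_bucket_policy_document]

  # Extra statement: reject any request that does not use TLS.
  statement {
    sid       = "DenyInsecureTransport" # must not collide with a sid in the default document
    effect    = "Deny"
    actions   = ["s3:*"]
    resources = [module.app_bucket.arn, "${module.app_bucket.arn}/*"]

    principals {
      type        = "*"
      identifiers = ["*"]
    }

    condition {
      test     = "Bool"
      variable = "aws:SecureTransport"
      values   = ["false"]
    }
  }
}

resource "aws_s3_bucket_policy" "combined" {
  bucket = module.app_bucket.id
  policy = data.aws_iam_policy_document.combined.json
}
```
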
| Name | Version |
|---|---|
| aws | ~> 5.0 |
| Name | Version |
|---|---|
| terraform | >= 0.13.1 |
| aws | ~> 5.0 |
| null | ~> 3.1 |
| Name | Type |
|---|---|
| aws_s3_bucket.this | resource |
| aws_s3_bucket_lifecycle_configuration.abort_incomplete_multipart_upload | resource |
| aws_s3_bucket_logging.this | resource |
| aws_s3_bucket_ownership_controls.this | resource |
| aws_s3_bucket_policy.default_bucket_policy | resource |
| aws_s3_bucket_public_access_block.this | resource |
| aws_s3_bucket_server_side_encryption_configuration.this | resource |
| aws_s3_bucket_versioning.this | resource |
| aws_iam_policy_document.default_bucket_policy_document | data source |
| aws_iam_policy_document.deny_unencrypted_policy_document | data source |
| aws_iam_policy_document.general_read_only_policy_document | data source |
| aws_iam_policy_document.general_read_write_policy_document | data source |