Panfactum LogoPanfactum
Infrastructure ModulesAWSaws_s3_private_bucket

Private S3 Bucket

aws_s3_private_bucket
Stable
Submodule
Source Code Link

This module provides our standard configuration for private S3 buckets.

Notably it includes:

  • versioning

  • access control

  • storage tiering and expiration

  • encryption

  • public access blocks

  • ownership controls

Providers

The following providers are needed by this module:

Required Inputs

The following input variables are required:

bucket_name

Description: The name of the s3 bucket.

Type: string

description

Description: A statement of purpose for the S3 bucket.

Type: string

Optional Inputs

The following input variables are optional (have default values):

access_policy

Description: AWS access policy for the bucket.

Type: string

Default: null

audit_log_enabled

Description: Whether the bucket's audit log should be stored.

Type: bool

Default: false

expire_after_days

Description: Whether objects older than indicated days should be deleted. (0 to disable)

Type: number

Default: 0

expire_old_versions

Description: Whether old object versions should be expired.

Type: bool

Default: true

force_destroy

Description: Whether the bucket can be deleted if objects still exist in it.

Type: bool

Default: false

intelligent_transitions_enabled

Description: Whether objects should be subject to intelligent access tiering.

Type: bool

Default: true

kms_master_key_id

Description: If provided, will use this CMK for bucket encryption (SSS-KMS) rather than the SSE-S3 key

Type: string

Default: null

timed_transitions_enabled

Description: Whether objects should be transitioned to lower storage tiers after a certain amount of time.

Type: bool

Default: false

versioning_enabled

Description: Whether object versioning is enabled.

Type: bool

Default: false

Outputs

The following outputs are exported:

bucket_arn

Description: n/a

bucket_name

Description: n/a

Usage

No notes