Private S3 Bucket
This module provides our standard configuration for private S3 buckets.
Notably it includes:
- versioning
- access control
- storage tiering and expiration
- encryption
- public access blocks
- ownership controls
Providers
The following providers are needed by this module:
- aws (5.39.1)
Required Inputs
The following input variables are required:
bucket_name
Description: The name of the S3 bucket.
Type: string
description
Description: A statement of purpose for the S3 bucket.
Type: string
Optional Inputs
The following input variables are optional (have default values):
access_policy
Description: AWS access policy for the bucket.
Type: string
Default: null
audit_log_enabled
Description: Whether the bucket's audit log should be stored.
Type: bool
Default: false
expire_after_days
Description: Number of days after which objects are deleted. (0 to disable)
Type: number
Default: 0
expire_old_versions
Description: Whether old object versions should be expired.
Type: bool
Default: true
force_destroy
Description: Whether the bucket can be deleted if objects still exist in it.
Type: bool
Default: false
intelligent_transitions_enabled
Description: Whether objects should be subject to intelligent access tiering.
Type: bool
Default: true
kms_master_key_id
Description: If provided, this CMK is used for bucket encryption (SSE-KMS) rather than the SSE-S3 key.
Type: string
Default: null
timed_transitions_enabled
Description: Whether objects should be transitioned to lower storage tiers after a certain amount of time.
Type: bool
Default: false
versioning_enabled
Description: Whether object versioning is enabled.
Type: bool
Default: false
Outputs
The following outputs are exported:
bucket_arn
Description: n/a
bucket_name
Description: n/a
Usage
No notes
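The following call is an added example, not part of the module's own documentation. It shows the inputs above wired together for a bucket encrypted with a customer-managed key and restricted to TLS-only access. The module source path, the bucket name and the KMS alias are assumptions, as is the expectation that `access_policy` accepts a complete bucket policy JSON document.

```hcl
locals {
  bucket_name = "example-private-reports" # constructed name
}

# Customer-managed key for SSE-KMS (alias is an assumed placeholder).
data "aws_kms_alias" "bucket" {
  name = "alias/example-bucket-key"
}

# Deny every request that does not arrive over TLS. The ARNs are built
# from the bucket name so the policy does not depend on the module's own
# bucket_arn output (assumes the standard "aws" partition).
data "aws_iam_policy_document" "tls_only" {
  statement {
    sid     = "DenyInsecureTransport"
    effect  = "Deny"
    actions = ["s3:*"]
    resources = [
      "arn:aws:s3:::${local.bucket_name}",
      "arn:aws:s3:::${local.bucket_name}/*",
    ]
    principals {
      type        = "*"
      identifiers = ["*"]
    }
    condition {
      test     = "Bool"
      variable = "aws:SecureTransport"
      values   = ["false"]
    }
  }
}

module "reports" {
  source = "./modules/private-s3-bucket" # assumed path

  bucket_name = local.bucket_name
  description = "Monthly finance reports (example)"

  access_policy      = data.aws_iam_policy_document.tls_only.json
  kms_master_key_id  = data.aws_kms_alias.bucket.target_key_arn
  versioning_enabled = true # default is false
  expire_after_days  = 365  # 0 would disable expiration
  force_destroy      = false # default; keeps a non-empty bucket from being deleted
}
```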