Skip to content

cn-terraform/terraform-aws-logs-s3-bucket

Repository files navigation

Terraform Module for AWS

Complete

Usage

Complete

Install pre commit hooks.

Pleas run this command right after cloning the repository.

    pre-commit install

For that you may need to install the folowwing tools:

In order to run all checks at any point run the following command:

    pre-commit run --all-files

Requirements

Name Version
terraform >= 0.13
aws >= 4

Providers

Name Version
aws 4.15.0
random 3.2.0

Modules

No modules.

Resources

Name Type
aws_s3_bucket.logs resource
aws_s3_bucket_acl.logs resource
aws_s3_bucket_policy.logs_access_policy resource
aws_s3_bucket_public_access_block.logs_block_public_access resource
aws_s3_bucket_server_side_encryption_configuration.logs resource
random_string.random resource
aws_iam_policy_document.logs_access_policy_document data source

Inputs

Name Description Type Default Required
aws_principals_identifiers List of identifiers for AWS principals with access to write in the logs bucket list(string) n/a yes
block_s3_bucket_public_access (Optional) If true, public access to the S3 bucket will be blocked. bool true no
enable_s3_bucket_server_side_encryption (Optional) If true, server side encryption will be applied. bool true no
name_prefix Name prefix for resources on AWS string n/a yes
s3_bucket_server_side_encryption_key (Optional) The AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of sse_algorithm as aws:kms. The default aws/s3 AWS KMS master key is used if this element is absent while the sse_algorithm is aws:kms. string null no
s3_bucket_server_side_encryption_sse_algorithm (Optional) The server-side encryption algorithm to use. Valid values are AES256 and aws:kms string "AES256" no
tags Resource tags map(string) {} no

Outputs

Name Description
s3_bucket_arn Logging S3 Bucket ARN
s3_bucket_domain_name Logging S3 Bucket Domain Name
s3_bucket_id Logging S3 Bucket ID