Companion Terraform module for creating regional S3 buckets required by Amazon Bedrock multimodal operations with stdapi.ai.
Amazon Bedrock requires region-specific S3 buckets for certain operations:
- Multimodal input - Processing images and documents with AI models
- Document analysis - Claude's vision capabilities with PDFs and images
- Cross-region inference - Temporary file storage in Bedrock-enabled regions
This module creates individual S3 buckets with security settings that match the main stdapi.ai module.
- Secure by Default - Public access blocked, TLS enforced, KMS encryption
- Automatic Cleanup - Lifecycle policies delete temporary files after 1 day
- Cost Optimized - Intelligent-Tiering storage class after 30 days
- Versioning Enabled - Data protection and recovery capabilities
- Consistent Configuration - Matches main module security settings
📖 For complete deployment examples with regional buckets, see the Getting Started Guide.
The guide includes:
- Regional Bucket Setup: Step-by-step configuration for multiple regions
- Provider Configuration: How to configure AWS providers for each region
- Integration: How to connect regional buckets to the main module
- Best Practices: When and why you need regional buckets
# See the full example in the Getting Started Guide
module "regional_bucket_us_west_2" {
source = "stdapi-ai/stdapi-ai-s3-regional-bucket/aws"
name_prefix = module.stdapi_ai.name_prefix
deletion_protection = module.stdapi_ai.deletion_protection
aws_s3_tmp_prefix = module.stdapi_ai.aws_s3_tmp_prefix
providers = {
aws = aws.us-west-2
}
}Part of stdapi-ai/stdapi-ai - stdapi.ai AWS Marketplace Terraform Module
| Name | Version |
|---|---|
| terraform | >= 1.5.0 |
| aws | >= 5.0 |
| Name | Version |
|---|---|
| aws | >= 5.0 |
| Name | Source | Version |
|---|---|---|
| kms_key | JGoutin/kms-key/aws | ~> 1.0 |
| Name | Type |
|---|---|
| aws_s3_bucket.main | resource |
| aws_s3_bucket_lifecycle_configuration.main | resource |
| aws_s3_bucket_policy.main | resource |
| aws_s3_bucket_public_access_block.main | resource |
| aws_s3_bucket_server_side_encryption_configuration.main | resource |
| aws_s3_bucket_versioning.main | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.bucket_policy | data source |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws_s3_tmp_prefix | S3 prefix for temporary files that will be deleted after 1 day. Matches main module variable. Use output from main module (module.stdapi_ai.aws_s3_tmp_prefix). | string |
"tmp/" |
no |
| deletion_protection | If true, enable deletion protection on eligible resources. Matches main module variable. Use output from main module (module.stdapi_ai.deletion_protection). | bool |
false |
no |
| kms_key_id | If specified, directly use this KMS key instead of creating a dedicated one for the application. | string |
null |
no |
| name_prefix | Prefix to add to all created resources names. Matches main module variable. Use output from main module (module.stdapi_ai.name_prefix). | string |
"stdapiai" |
no |
| Name | Description |
|---|---|
| bucket_name | S3 bucket name created in this region. |
| kms_key_arn | KMS key used to encrypt the bucket. |
| regional_bucket_map | Map entry for aws_s3_regional_buckets variable. Use with merge() to combine multiple regions. |