forked from trussworks/terraform-aws-s3-private-bucket
variables.tf
# Name of the S3 bucket. There is no default, so every caller must supply one.
# The use_random_suffix and use_account_alias_prefix variables in this file
# describe a suffix and prefix applied to this name.
variable "bucket" {
  type        = string
  description = "The name of the bucket."
}
# Opt-in switch for appending a random suffix to the bucket name (off by default).
variable "use_random_suffix" {
  type        = bool
  default     = false
  description = "Whether to add a random suffix to the bucket name."
}
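# Switch for prefixing the bucket name with the AWS account alias (on by default).
#
# Declared as bool: the default (true) and the description are both boolean,
# but the variable was typed as string, which stored the default as the string
# "true" and let arbitrary text pass type checking. Callers that pass the
# strings "true" or "false" are still accepted, because Terraform converts
# them to bool.
# NOTE(review): the expressions that consume this value are not visible in this
# file; confirm nothing compares it against a string literal.
variable "use_account_alias_prefix" {
  description = "Whether to prefix the bucket name with the AWS account alias."
  type        = bool
  default     = true
}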
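# Caller-supplied bucket policy as a JSON string; empty means no custom policy.
#
# The validation rejects non-JSON input at plan time instead of letting it
# surface later as a provider or API error. It checks syntax only: the policy's
# principals, actions and conditions still need human review, since a broad
# statement here can widen access to an otherwise private bucket.
# NOTE(review): how this policy is combined with the module's own statements
# is not visible in this file.
variable "custom_bucket_policy" {
  description = "JSON formatted bucket policy to attach to the bucket."
  type        = string
  default     = ""

  validation {
    # null and "" both mean "no custom policy"; can() turns a decode error into false.
    condition     = var.custom_bucket_policy == null || var.custom_bucket_policy == "" || can(jsondecode(var.custom_bucket_policy))
    error_message = "The custom_bucket_policy value must be empty or a valid JSON document."
  }
}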
# Destination bucket for S3 server access logs; defaults to the empty string.
# NOTE(review): presumably an empty value means access logging is not
# configured; confirm against the resource that consumes this. Access logs are
# a primary record of object-level requests, so set this for buckets holding
# sensitive data.
variable "logging_bucket" {
  type        = string
  default     = ""
  description = "The S3 bucket to send S3 access logs."
}
# Tags applied to the bucket, as a string-to-string map; empty by default.
variable "tags" {
  type        = map(string)
  default     = {}
  description = "A mapping of tags to assign to the bucket."
}
# Opt-in switch for S3 Bucket Inventory (off by default). The report format and
# frequency are set by inventory_bucket_format and schedule_frequency.
variable "enable_bucket_inventory" {
  description = "If set to true, Bucket Inventory will be enabled."
  type        = bool
  default     = false
}
# Controls whether `terraform destroy` may empty the bucket before deleting it.
# Off by default. Turning it on makes a destroy irreversible for the stored
# data, so leave it false for buckets holding logs, backups or other records
# that must survive an accidental or unauthorized destroy.
variable "enable_bucket_force_destroy" {
  description = "If set to true, Bucket will be emptied and destroyed when terraform destroy is run."
  type        = bool
  default     = false
}
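# Output format of the S3 inventory report; defaults to ORC.
#
# The validation fails an unsupported value at plan time rather than at apply.
# The description lists ORC and CSV; Parquet is also allowed here because the
# S3 inventory API accepts it, so existing callers that use it keep working.
variable "inventory_bucket_format" {
  description = "The format for the inventory file. Default is ORC. Options are ORC or CSV."
  type        = string
  default     = "ORC"

  validation {
    condition     = contains(["ORC", "CSV", "Parquet"], var.inventory_bucket_format)
    error_message = "Valid values for inventory_bucket_format are ORC, CSV, or Parquet."
  }
}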
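# How often the S3 inventory report is produced; defaults to Weekly.
#
# The validation enforces the two values named in the description, so a typo
# or wrong casing is reported at plan time instead of by the AWS API at apply.
variable "schedule_frequency" {
  description = "The S3 bucket inventory frequency. Defaults to Weekly. Options are 'Weekly' or 'Daily'."
  type        = string
  default     = "Weekly"

  validation {
    condition     = contains(["Weekly", "Daily"], var.schedule_frequency)
    error_message = "Valid values for schedule_frequency are Weekly or Daily."
  }
}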
# Switch for storage class analytics on the bucket; on by default.
variable "enable_analytics" {
  type        = bool
  default     = true
  description = "Enables storage class analytics on the bucket."
}
# CORS rules for the bucket; empty by default, meaning no rules are supplied.
# The type is list(any), so the shape of each rule is not checked here.
# Review any rule added: allowed origins should be limited to the sites that
# actually need browser access, rather than a wildcard.
variable "cors_rules" {
  type        = list(any)
  default     = []
  description = "List of maps containing rules for Cross-Origin Resource Sharing."
}
# Versioning state for the bucket; defaults to Enabled and is restricted to the
# three values below by the validation block.
# With Disabled or Suspended, overwritten or deleted objects leave no
# recoverable prior version, so keep Enabled unless there is a specific reason.
# NOTE(review): the description says "log bucket", but the page header names
# the upstream as the s3-private-bucket module; the wording may be a leftover
# from another module. Confirm before changing it.
variable "versioning_status" {
  type        = string
  default     = "Enabled"
  description = "A string that indicates the versioning status for the log bucket."

  validation {
    condition     = contains(["Enabled", "Disabled", "Suspended"], var.versioning_status)
    error_message = "Valid values for versioning_status are Enabled, Disabled, or Suspended."
  }
}
# Days after which an unfinished multipart upload is aborted; defaults to 14.
# Parts of abandoned uploads stay in the bucket, and are billed, until aborted.
variable "abort_incomplete_multipart_upload_days" {
  type        = number
  default     = 14
  description = "Number of days until aborting incomplete multipart uploads"
}
# Lifecycle expiration blocks. The default is a single block that sets
# expired_object_delete_marker = true. The type is list(any), so the block
# shape is not checked at this level.
variable "expiration" {
  type        = list(any)
  description = "expiration blocks"
  default = [
    { expired_object_delete_marker = true },
  ]
}
# Storage-class transition blocks for current object versions; none by default.
variable "transitions" {
  type        = list(any)
  default     = []
  description = "Current version transition blocks"
}
# Storage-class transition blocks for non-current object versions. The default
# is a single block: days = 30, storage_class = "STANDARD_IA".
variable "noncurrent_version_transitions" {
  type        = list(any)
  description = "Non-current version transition blocks"
  default = [
    {
      storage_class = "STANDARD_IA"
      days          = 30
    },
  ]
}
# Days a non-current object version is kept before it expires; defaults to 365.
# This sets how long a prior version stays available for recovery after an
# object is overwritten or deleted.
variable "noncurrent_version_expiration" {
  type        = number
  default     = 365
  description = "Number of days until non-current version of object expires"
}
# KMS key used for SSE-KMS encryption of the bucket. Left blank (the default),
# the description states the bucket falls back to AES256, i.e. S3-managed keys.
# Supplying a customer-managed key adds a key policy as a second access control
# on the data and records key usage in CloudTrail.
variable "kms_master_key_id" {
  type        = string
  default     = ""
  description = "The AWS KMS master key ID used for the SSE-KMS encryption. If blank, bucket encryption configuration defaults to AES256."
}
# Switch for the S3 public access block resource; on by default.
# Setting this to false removes the bucket-level guard that stops an ACL or
# bucket policy from making the bucket public. Only disable it when an
# equivalent account-level public access block is known to be in force.
variable "enable_s3_public_access_block" {
  type        = bool
  default     = true
  description = "Bool for toggling whether the s3 public access block resource should be enabled."
}
# Opt-in switch for S3 Bucket Keys with SSE-KMS; off by default.
# Only relevant when SSE-KMS is in use (see kms_master_key_id). Bucket Keys
# reduce the number of requests S3 makes to KMS.
variable "bucket_key_enabled" {
  type        = bool
  default     = false
  description = "Whether or not to use Amazon S3 Bucket Keys for SSE-KMS."
}
# Tri-state switch for bucket transfer acceleration: true, false, or null.
# The default is null rather than false.
# NOTE(review): presumably null means the acceleration setting is left
# unmanaged; confirm against the resource that consumes this value.
variable "transfer_acceleration" {
  type        = bool
  default     = null
  description = "Whether or not to enable bucket acceleration."
}
# Extra lifecycle rules supplied by the caller; none by default.
# The type is list(any), so the rule shape is not checked at this level.
variable "additional_lifecycle_rules" {
  type        = list(any)
  default     = []
  description = "List of additional lifecycle rules to specify"
}
# Switch for managing S3 Bucket Ownership Controls on this bucket; on by
# default. The ownership mode itself is chosen by object_ownership.
variable "control_object_ownership" {
  type        = bool
  default     = true
  description = "Whether to manage S3 Bucket Ownership Controls on this bucket."
}
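# Object ownership mode for the bucket; defaults to BucketOwnerEnforced.
#
# BucketOwnerEnforced disables ACLs, so access is governed by policies alone
# and objects written by other accounts are owned by the bucket owner. The
# other two modes keep ACLs active. The validation enforces the three values
# named in the description, so a misspelling fails at plan time.
variable "object_ownership" {
  description = "Object ownership. Valid values: BucketOwnerEnforced, BucketOwnerPreferred or ObjectWriter."
  type        = string
  default     = "BucketOwnerEnforced"

  validation {
    condition     = contains(["BucketOwnerEnforced", "BucketOwnerPreferred", "ObjectWriter"], var.object_ownership)
    error_message = "Valid values for object_ownership are BucketOwnerEnforced, BucketOwnerPreferred, or ObjectWriter."
  }
}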
# Canned ACL for the bucket; null by default, meaning no ACL is supplied.
# With object_ownership left at its BucketOwnerEnforced default, ACLs are
# disabled on the bucket, so a value here only applies under one of the other
# ownership modes. Canned ACLs that grant access to all users or all
# authenticated AWS users make the bucket readable outside the account, so
# review any non-private value.
variable "s3_bucket_acl" {
  type        = string
  default     = null
  description = "Set bucket ACL per [AWS S3 Canned ACL](<https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl>) list."
}