Terraform Module to set up Asustor S3 Cloud Sync.

• Creates IAM policy, IAM group and IAM user.
• Creates access key and secret for the IAM user.
• Creates S3 bucket.
  • Bucket policy denies non-private uploads.
  • Bucket is versioned.
  • Assuming Asustor will use Glacier for uploads - bucket lifecycle rule will move non current versions to Deep Archive and eventually completely expire them.

Requirements

Name	Version
terraform	>= 1.1.9, <2
aws	~> 4.12
random	~> 3.1

Providers

Name	Version
aws	4.12.1
random	3.1.3

Modules

No modules.

Resources

Name	Type
aws_iam_access_key.asustor	resource
aws_iam_group.asustor	resource
aws_iam_group_policy_attachment.asustor	resource
aws_iam_policy.asustor	resource
aws_iam_user.asustor	resource
aws_iam_user_group_membership.asustor	resource
aws_s3_bucket.sync	resource
aws_s3_bucket_policy.sync	resource
random_string.group_suffix	resource
random_string.user_suffix	resource

Inputs

Name	Description	Type	Default	Required
iam_pgp_key	See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key#pgp_key. If null - will not encrypt the resulting secret.	string	null	no
noncurrent_version_expiration_days	Minimum storage duration charge for Deep Archive is 180 days. Completely deletes old versions of files (including deleted files) after X days.	number	180	no
noncurrent_version_transition_days	Assuming Asustor uploads to Glacier - minimum storage duration charge for it is 90 days. Moves old versions of files (including deleted files) after X days to a cheaper storage class.	number	90	no
noncurrent_version_transition_storage_class	Assuming Asustor uploads to Glacier - moves old versions of files (including deleted files) to Deep Archive.	string	"DEEP_ARCHIVE"	no

Outputs

Name	Description
access_key	IAM User Access Key
access_key_secret	IAM User Access Key Secret (encrypted if iam_pgp_key was set)
bucket	Bucket name