Merge pull request #16 from ministryofjustice/s3-lifecycle

S3 lifecycle
ministryofjustice · Aug 16, 2019 · ca4a2f1 · ca4a2f1
2 parents 5f876e8 + bb8d7f7
commit ca4a2f1
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 6 deletions.
diff --git a/example/main.tf b/example/main.tf
@@ -8,12 +8,12 @@ provider "aws" {
 
 # To be use in case the resources need to be created in London
 provider "aws" {
-  alias = "london"
+  alias  = "london"
   region = "eu-west-2"
 }
 
 # To be use in case the resources need to be created in Ireland
 provider "aws" {
-  alias = "ireland"
+  alias  = "ireland"
   region = "eu-west-1"
-}
+}
diff --git a/example/s3.tf b/example/s3.tf
@@ -5,7 +5,7 @@
  *
  */
 module "example_team_s3_bucket" {
-  source = "github.com/ministryofjustice/cloud-platform-terraform-s3-bucket?ref=3.2"
+  source = "github.com/ministryofjustice/cloud-platform-terraform-s3-bucket?ref=3.3"
 
   team_name              = "cloudplatform"
   business-unit          = "mojdigital"
@@ -16,9 +16,48 @@ module "example_team_s3_bucket" {
 
   providers = {
     # Can be either "aws.london" or "aws.ireland"
-    aws = "aws.ireland"
+    aws = "aws.london"
   }
 
+  /*
+   * The following example can be used if you need to set a lifecycle for your s3. 
+   *  Follow the guidance here "https://www.terraform.io/docs/providers/aws/r/s3_bucket.html#using-object-lifecycle"
+   *  "https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html"
+   *  
+
+  lifecycle_rule = [
+    {
+      enabled = true
+      id      = "retire exports after 7 days"
+      prefix  = "surveys/export"
+
+      noncurrent_version_expiration = [
+        {
+          days = 7
+        },
+      ]
+
+      expiration = [
+        {
+          days = 7
+        },
+      ]
+    },
+    {
+      enabled = true
+      id      = "retire imports after 10 days"
+      prefix  = "surveys/imports"
+
+      expiration = [
+        {
+          days = 7
+        },
+      ]
+    },
+  ]
+
+  */
+
   /*
    * The following are exampls of bucket and user policies. They are treated as
    * templates. Currently, the only available variable is `$${bucket_arn}`.
@@ -95,4 +134,4 @@ resource "kubernetes_secret" "example_team_s3_bucket" {
     bucket_arn        = "${module.example_team_s3_bucket.bucket_arn}"
     bucket_name       = "${module.example_team_s3_bucket.bucket_name}"
   }
-}
+}
diff --git a/main.tf b/main.tf
@@ -27,6 +27,8 @@ resource "aws_s3_bucket" "bucket" {
   force_destroy = "true"
   policy        = "${data.template_file.bucket_policy.rendered}"
 
+  lifecycle_rule = "${var.lifecycle_rule}"
+
   server_side_encryption_configuration {
     rule {
       apply_server_side_encryption_by_default {

diff --git a/variables.tf b/variables.tf
@@ -37,3 +37,7 @@ variable "versioning" {
   default     = false
 }
 
+variable "lifecycle_rule" {
+  description = "lifecycle"
+  default     = []
+}