Overhaul bucket management to public module
andysingleton committed Jun 19, 2024
1 parent 507164a commit 57d5410
Showing 6 changed files with 28 additions and 19 deletions.
2 changes: 1 addition & 1 deletion aws_cloudfront_distribution.tf
@@ -33,7 +33,7 @@ resource "aws_cloudfront_distribution" "s3_distribution" {
]

logging_config {
bucket = module.bucket_cloudwatch_logs_backup.bucket_domain_name
bucket = module.bucket_cloudwatch_logs_backup.s3_bucket_bucket_domain_name
include_cookies = false
prefix = "cloudfront/"
}
2 changes: 1 addition & 1 deletion data_aws_s3_cloudfront_origin_bucket.tf
@@ -1,3 +1,3 @@
data "aws_s3_bucket" "origin_bucket" {
bucket = var.s3_source_bukcet_name
bucket = var.s3_source_bucket_name
}
2 changes: 1 addition & 1 deletion example/module_cloudfront_example.tf
@@ -1,6 +1,6 @@
module "cloudfront_example" {
source = "git::ssh://[email protected]/osodevops/aws-terraform-module-cloudfront-s3.git"
s3_source_bukcet_name = local.example_bucket_name
s3_source_bucket_name = local.example_bucket_name
distribution_fqdn = "example.domain-name.com"
distribution_name = "example"
hosted_zone_name = "domain-name.com"
37 changes: 23 additions & 14 deletions module_s3_bucket_cloudfront_logging.tf
@@ -1,9 +1,17 @@
module "bucket_cloudwatch_logs_backup" {
source = "git::ssh://[email protected]/osodevops/aws-terraform-module-s3.git"
s3_bucket_name = local.logging_bucket_name
s3_bucket_force_destroy = false
s3_bucket_policy = ""
common_tags = var.common_tags
source = "terraform-aws-modules/s3-bucket/aws"
version = "~>3.0"

bucket = local.logging_bucket_name
force_destroy = false
tags = var.common_tags
grant = [
{
type = "CanonicalUser"
permission = "FULL_CONTROL"
id = data.aws_canonical_user_id.current.id
}
]

# Bucket public access
restrict_public_buckets = true
@@ -12,16 +20,17 @@ module "bucket_cloudwatch_logs_backup" {
ignore_public_acls = true

versioning = {
status = "Enabled"
status = "Suspended"
mfa_delete = "Disabled"
}

cors_rule = {
allowed_headers = ["Authorization"]
allowed_methods = ["GET"]
allowed_origins = ["*"]
expose_headers = []
max_age_seconds = 3000
}
server_side_encryption_configuration = {
rule = {
bucket_key_enabled = false

}
apply_server_side_encryption_by_default = {
sse_algorithm = "AES256"
}
}
}
}
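Review bot: In the `versioning` block of module_s3_bucket_cloudfront_logging.tf the page prints `status = "Enabled"` followed by `status = "Suspended"`; the rendered view carries no +/- markers, but if the second line is the new value, this commit turns versioning off on the bucket that receives the CloudFront access logs. With versioning suspended, an overwritten or deleted log object leaves no earlier version to recover, which weakens the logs as evidence during an investigation. Unless that is a deliberate cost decision, keep `status = "Enabled"`, or add a comment next to the setting that records why it was suspended. Separately, `version = "~>3.0"` accepts any 3.x release of a registry module, and Terraform's dependency lock file does not record module versions, so an exact pin such as `version = "<exact 3.x release>"` would make each module upgrade a reviewed change.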
2 changes: 1 addition & 1 deletion outputs.tf
@@ -1,5 +1,5 @@
output "logging_bucket" {
value = module.bucket_cloudwatch_logs_backup.s3_id
value = module.bucket_cloudwatch_logs_backup.s3_bucket_id
}

output "distribution" {
2 changes: 1 addition & 1 deletion variables.tf
@@ -67,7 +67,7 @@ variable "price_class" {
default = "PriceClass_100"
}

variable "s3_source_bukcet_name" {
variable "s3_source_bucket_name" {
type = string
}
