From 948b80083a6b4d055b33d240458363e256398a5f Mon Sep 17 00:00:00 2001 From: jjcallis Date: Thu, 18 Aug 2022 14:34:49 +0100 Subject: [PATCH] upgrade TLS option and s3 module now using AI - can remove the lifecycle rule --- aws_cloudfront_distribution.tf | 2 +- module_s3_bucket_cloudfront_logging.tf | 19 ------------------- 2 files changed, 1 insertion(+), 20 deletions(-) diff --git a/aws_cloudfront_distribution.tf b/aws_cloudfront_distribution.tf index 19fca44..1d943a5 100644 --- a/aws_cloudfront_distribution.tf +++ b/aws_cloudfront_distribution.tf @@ -18,7 +18,7 @@ resource "aws_cloudfront_distribution" "s3_distribution" { cloudfront_default_certificate = var.use_cloudfront_default_certificate acm_certificate_arn = aws_acm_certificate.certificate.arn ssl_support_method = "sni-only" - minimum_protocol_version = "TLSv1.2_2018" + minimum_protocol_version = "TLSv1.2_2021" } custom_error_response { diff --git a/module_s3_bucket_cloudfront_logging.tf b/module_s3_bucket_cloudfront_logging.tf index 97291b1..ebfe4da 100644 --- a/module_s3_bucket_cloudfront_logging.tf +++ b/module_s3_bucket_cloudfront_logging.tf @@ -1,6 +1,5 @@ module "bucket_cloudwatch_logs_backup" { source = "git::ssh://git@github.com/osodevops/aws-terraform-module-s3.git" -// source = "../../aws-terraform-module-s3" s3_bucket_name = local.logging_bucket_name s3_bucket_force_destroy = false s3_bucket_policy = "" @@ -16,22 +15,4 @@ module "bucket_cloudwatch_logs_backup" { enabled = false mfa_delete = false } - - lifecycle_rule = [ - { - enabled = true - id = "retire logs after 31 days" - prefix = "logs/access" - expiration = [ - { - days = 31 - }, - ] - noncurrent_version_expiration = [ - { - days = 7 - }, - ] - } - ] } \ No newline at end of file