AWS S3 updates (#312)

terraform-modules/aws/s3_bucket/main.tf

@@ -37,3 +37,23 @@ resource "aws_s3_bucket_policy" "bucket_policy" {
   bucket = aws_s3_bucket.bucket.id
   policy = var.policy
 }
+
+resource "aws_s3_bucket_versioning" "versioning" {
+  count = var.enable_versioning ? 1 : 0
+
+  bucket = aws_s3_bucket.bucket.id
+  versioning_configuration {
+    status = var.versioning
+  }
+}
+
+resource "aws_s3_bucket_logging" "logging" {
+  count = var.enable_logging ? 1 : 0
+
+  # Bucket to enable logging on
+  bucket = aws_s3_bucket.bucket.id
+
+  # (Required) The name of the bucket where you want Amazon S3 to store server access logs.
+  target_bucket = var.logging_bucket_name
+  target_prefix = "log/"
+}

terraform-modules/aws/s3_bucket/variables.tf

@@ -49,3 +49,33 @@ variable "deletion_window_in_days" {
   description = "(Optional) The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key."
   default     = 10
 }
+
+variable "enable_versioning" {
+  type        = bool
+  description = "Enable S3 versioning"
+  default     = true
+}
+
+variable "versioning" {
+  type        = string
+  description = "(Required) The versioning state of the bucket. Valid values: Enabled, Suspended, or Disabled. Disabled should only be used when creating or importing resources that correspond to unversioned S3 buckets."
+  default     = "Enabled"
+}
+
+variable "enable_logging" {
+  type        = bool
+  description = "Enable S3 logging"
+  default     = false
+}
+
+variable "logging_bucket_name" {
+  type        = string
+  description = "(Required) The name of the bucket where you want Amazon S3 to store server access logs.  Could be the same as the bucket name."
+  default     = "can-be-the-same-as-the-bucket-name"
+}
+
+variable "logging_bucket_prefix" {
+  type        = string
+  description = "The prefix to add to the logs"
+  default     = "s3-log/"
+}