forked from cloudposse/terraform-aws-s3-log-storage
-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
167 lines (142 loc) · 5.15 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
variable "acl" {
type = string
description = "The canned ACL to apply. We recommend log-delivery-write for compatibility with AWS services"
default = "log-delivery-write"
}
variable "analytics_bucket_name" {
type = string
default = ""
description = "Name of the S3 bucket where s3 analytics report will be sent to"
}
variable "enabled_analytics" {
type = bool
default = false
description = "Set to false to prevent the module from creating s3 analytics bucket"
}
variable "enabled_bucket_notification" {
type = bool
default = false
description = "Set to false to prevent the module from creating bucket notification"
}
variable "event_notifications" {
type = list
description = "bucket event multiple-notification, only required if enabled_bucket_notification is `true`"
default = [{
event_id = "dev-cloudfront-events"
filter_prefix = "dev/path"
filter_suffix = ".gz"
queue_arn = ""
},]
}
variable "policy" {
type = string
description = "A valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), Terraform may view the policy as constantly changing in a terraform plan. In this case, please make sure you use the verbose/specific version of the policy"
default = ""
}
variable "object_ownership" {
type = string
description = "Object ownership. Valid values: BucketOwnerPreferred or ObjectWriter"
default = "BucketOwnerPreferred"
}
variable "lifecycle_rules" {
type = list
description = "lifecycle values for multiple lifecycle rules"
default = [{
lifecycle_prefix = "dev"
noncurrent_version_expiration_days = 365
noncurrent_version_transition_days = 30
standard_transition_days = 30
glacier_transition_days = 60
expiration_days = 365
},]
}
variable "lifecycle_tags" {
type = map(string)
description = "Tags filter. Used to manage object lifecycle events"
default = {}
}
variable "force_destroy" {
type = bool
description = "(Optional, Default:false ) A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable"
default = false
}
variable "lifecycle_rule_enabled" {
type = bool
description = "Enable lifecycle events on this bucket"
default = true
}
variable "versioning_enabled" {
type = bool
description = "A state of versioning. Versioning is a means of keeping multiple variants of an object in the same bucket"
default = true
}
variable "noncurrent_version_expiration_days" {
type = number
default = 90
description = "Specifies when noncurrent object versions expire"
}
variable "noncurrent_version_transition_days" {
type = number
default = 30
description = "Specifies when noncurrent object versions transitions"
}
variable "standard_transition_days" {
type = number
default = 30
description = "Number of days to persist in the standard storage tier before moving to the infrequent access tier"
}
variable "glacier_transition_days" {
type = number
default = 60
description = "Number of days after which to move the data to the glacier storage tier"
}
variable "enable_glacier_transition" {
type = bool
default = true
description = "Enables the transition to AWS Glacier which can cause unnecessary costs for huge amount of small files"
}
variable "expiration_days" {
type = number
default = 90
description = "Number of days after which to expunge the objects"
}
variable "abort_incomplete_multipart_upload_days" {
type = number
default = 5
description = "Maximum time (in days) that you want to allow multipart uploads to remain in progress"
}
variable "sse_algorithm" {
type = string
default = "AES256"
description = "The server-side encryption algorithm to use. Valid values are AES256 and aws:kms"
}
variable "kms_master_key_arn" {
type = string
default = ""
description = "The AWS KMS master key ARN used for the SSE-KMS encryption. This can only be used when you set the value of sse_algorithm as aws:kms. The default aws/s3 AWS KMS master key is used if this element is absent while the sse_algorithm is aws:kms"
}
variable "block_public_acls" {
type = bool
default = true
description = "Set to `false` to disable the blocking of new public access lists on the bucket"
}
variable "block_public_policy" {
type = bool
default = true
description = "Set to `false` to disable the blocking of new public policies on the bucket"
}
variable "ignore_public_acls" {
type = bool
default = true
description = "Set to `false` to disable the ignoring of public access lists on the bucket"
}
variable "restrict_public_buckets" {
type = bool
default = true
description = "Set to `false` to disable the restricting of making the bucket public"
}
variable "access_log_bucket_name" {
type = string
default = ""
description = "Name of the S3 bucket where s3 access log will be sent to"
}