From 35568b6bc0a351d35c9ac2fc3f3fafac89c9445b Mon Sep 17 00:00:00 2001
From: Pavel Vaks <129676672+PavelLinearB@users.noreply.github.com>
Date: Wed, 28 Feb 2024 15:10:22 +0200
Subject: [PATCH] Create bbb.tf

---
 bbb.tf | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 bbb.tf

diff --git a/bbb.tf b/bbb.tf
new file mode 100644
index 000000000..15c57b308
--- /dev/null
+++ b/bbb.tf
@@ -0,0 +1,58 @@
+resource "aws_s3_bucket" "example" {
+  bucket = "my-tf-test-bucket"
+  acl    = "private"
+
+  tags = {
+    Name        = "My Test Bucket"
+    Environment = "Dev"
+  }
+
+  versioning {
+    enabled = false
+    mfa_delete = false
+  }
+}
+
+
+# Server Side Encryption
+resource "aws_s3_bucket_server_side_encryption_configuration" "sse_example" {
+  bucket = aws_s3_bucket.example.bucket
+
+  rule {
+    apply_server_side_encryption_by_default {
+      kms_master_key_id = aws_kms_key.testkey.arn
+      sse_algorithm     = "aws:kms"
+    }
+  }
+}
+
+resource "aws_kms_key" "testkey" {
+  description             = "This is a test key that is used to encrypt bucket objects"
+  deletion_window_in_days = 10
+  
+  tags = {
+    Name = "my_kms_key"
+    TestTag = "Value"
+  }
+  
+  policy = <<EOF
+ {
+    "Id": "key-123",
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "Enable IAM User Permissions",
+            "Effect": "Allow",
+            "Principal": {
+                "AWS": "arn:aws:iam::111111:user/test-user"
+            },
+            "Resource": [
+                "arn:aws:kms:us-west-2:1111111:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+                "arn:aws:kms:us-east-2:1111111:key/0987dcba-09fe-87dc-65ba-ab0987654321"
+            ]
+            "Action": "kms:*",
+        }
+    ]
+}
+EOF
+}