adding Module to test if Logs for ALB work

terraform/modules/alb_logging/main.tf

@@ -1,3 +1,38 @@
+# resource "aws_s3_bucket" "logging_bucket" {
+# bucket = var.bucket_name
+# }
+
+# resource "aws_s3_bucket_server_side_encryption_configuration" "logging_bucket_encryption" {
+# bucket = aws_s3_bucket.logging_bucket.id
+
+# rule {
+# apply_server_side_encryption_by_default {
+# sse_algorithm = "AES256"
+# }
+# }
+# }
+
+
+
+# data "aws_iam_policy_document" "bucket_policy" {
+# statement {
+# actions = ["s3:PutObject"]
+# resources = ["${aws_s3_bucket.logging_bucket.arn}/*"]
+
+# principals {
+# type = "AWS"
+# identifiers = ["arn:aws:iam::127311923021:root"] // ELB service account for US East (N. Virginia)
+# }
+# }
+
+# // Add any additional statements here if needed
+# }
+
+# resource "aws_s3_bucket_policy" "logging_bucket_policy" {
+# bucket = aws_s3_bucket.logging_bucket.id
+# policy = data.aws_iam_policy_document.bucket_policy.json
+# }
+
 resource "aws_s3_bucket" "logging_bucket" {
  bucket = var.bucket_name
 }
@@ -11,19 +46,26 @@ data "aws_iam_policy_document" "bucket_policy" {
  type = "AWS"
  identifiers = ["arn:aws:iam::127311923021:root"] // ELB service account for US East (N. Virginia)
  }
- }
 
- // Add any additional statements here if needed
+ condition {
+ test = "Null"
+ variable = "s3:x-amz-server-side-encryption"
+ values = ["true"]
+ }
+ }
 }
 
 resource "aws_s3_bucket_policy" "logging_bucket_policy" {
  bucket = aws_s3_bucket.logging_bucket.id
  policy = data.aws_iam_policy_document.bucket_policy.json
 }
 
+resource "aws_s3_bucket_server_side_encryption_configuration" "logging_bucket_encryption" {
+ bucket = aws_s3_bucket.logging_bucket.id
 
-
-# resource "aws_s3_bucket_policy" "bucket_policy" {
-# bucket = aws_s3_bucket.logging_bucket.id
-# policy = data.aws_iam_policy_document.bucket_policy.json
-# }
+ rule {
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
+ }
+ }
+}