forked from cloudposse/terraform-aws-cloudtrail-s3-bucket
-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
126 lines (105 loc) · 4.03 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
variable "acl" {
type = string
description = "The canned ACL to apply. We recommend log-delivery-write for compatibility with AWS services"
default = "log-delivery-write"
}
variable "policy" {
type = string
description = "A valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), Terraform may view the policy as constantly changing in a terraform plan. In this case, please make sure you use the verbose/specific version of the policy"
default = ""
}
variable "lifecycle_prefix" {
type = string
description = "Prefix filter. Used to manage object lifecycle events"
default = ""
}
variable "lifecycle_tags" {
type = map(string)
description = "Tags filter. Used to manage object lifecycle events"
default = {}
}
variable "arn_format" {
type = string
default = "arn:aws"
description = "ARN format to be used. May be changed to support deployment in GovCloud/China regions."
}
variable "force_destroy" {
type = bool
description = "(Optional, Default:false ) A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable"
default = false
}
variable "lifecycle_rule_enabled" {
type = bool
description = "Enable lifecycle events on this bucket"
default = true
}
variable "versioning_enabled" {
type = bool
description = "A state of versioning. Versioning is a means of keeping multiple variants of an object in the same bucket"
default = false
}
variable "noncurrent_version_expiration_days" {
description = "Specifies when noncurrent object versions expire"
default = 90
}
variable "noncurrent_version_transition_days" {
description = "Specifies when noncurrent object versions transitions"
default = 30
}
variable "standard_transition_days" {
description = "Number of days to persist in the standard storage tier before moving to the infrequent access tier"
default = 30
}
variable "glacier_transition_days" {
description = "Number of days after which to move the data to the glacier storage tier"
default = 60
}
variable "enable_glacier_transition" {
type = bool
default = false
description = "Glacier transition might just increase your bill. Set to false to disable lifecycle transitions to AWS Glacier."
}
variable "expiration_days" {
description = "Number of days after which to expunge the objects"
default = 90
}
variable "abort_incomplete_multipart_upload_days" {
type = number
default = 5
description = "Maximum time (in days) that you want to allow multipart uploads to remain in progress"
}
variable "sse_algorithm" {
type = string
description = "The server-side encryption algorithm to use. Valid values are AES256 and aws:kms"
default = "AES256"
}
variable "kms_master_key_arn" {
type = string
description = "The AWS KMS master key ARN used for the SSE-KMS encryption. This can only be used when you set the value of sse_algorithm as aws:kms. The default aws/s3 AWS KMS master key is used if this element is absent while the sse_algorithm is aws:kms"
default = ""
}
variable "block_public_acls" {
type = bool
default = true
description = "Set to `false` to disable the blocking of new public access lists on the bucket"
}
variable "block_public_policy" {
type = bool
default = true
description = "Set to `false` to disable the blocking of new public policies on the bucket"
}
variable "ignore_public_acls" {
type = bool
default = true
description = "Set to `false` to disable the ignoring of public access lists on the bucket"
}
variable "restrict_public_buckets" {
type = bool
default = true
description = "Set to `false` to disable the restricting of making the bucket public"
}
variable "access_log_bucket_name" {
type = string
default = ""
description = "Name of the S3 bucket where s3 access log will be sent to"
}