Feature request: Ability to configure S3 buckets based on variables

[hashibot]

This issue was originally opened by @zenitraM as hashicorp/terraform#13938. It was migrated here as part of the provider split. The original body of the issue is below.

---

We want to create a module to be able to reuse some specifics about the way we create S3 buckets.
However, there is no way to programatically define the existence of resource object fields (even just hashicorp/terraform#7034 could work at a certain extent) to be able to, for example, toggle on and off the replication policy of a bucket depending on an input variable:

resource "aws_s3_bucket" "bucket" {
  provider = "aws.central"
  bucket   = "tf-test-bucket-12345"
  acl      = "private"
  region   = "eu-central-1"

  versioning {
    enabled = true
  }

  replication_configuration {
    count = "${var.replication_enabled == "true" ? 1 : 0}" # this could be an option but will not work
    role = "${aws_iam_role.replication.arn}"

    rules {
      id     = "foobar"
      prefix = "foo"
      status = "Enabled"

      destination {
        bucket        = "${aws_s3_bucket.destination.arn}"
        storage_class = "STANDARD"
      }
    }
  }
}

or add multiple rules depending on an input array.

A way to solve this could be to add a different attachment resources for configurations applied to S3 buckets, i.e: aws_s3_replication_configuration - they are, after all, a separate API.

Same applies to lifecycle policies and logging, for example - you cannot modularize a bucket conditionally having them without making separate modules for buckets with/without them.

[stmarier]

👍 having a fundamental building block of DRY configuration be completely unusable with a large subset of resources is a huge detriment to the project

[craigknott]

+1

[igorlg]

Same thing for Bucket logging, cors_rule, etc...

resource "aws_s3_bucket" "bucket" {
  bucket   = "tf-test-bucket-12345"
  [...]
  logging {
    count = "${var.logging_enabled ? 1 : 0}"
    target_bucket = "${var.logging_bucket}"
    target_prefix = "${var.logging_prefix}"
  }
  [...]
}

It would be perfect to have this as separate resource types, but the ability of turning them on/off with count works perfectly as well 👍

[bflad]

Hi folks 👋 This issue is resolved in Terraform 0.12 and later, which supports new functionality in the configuration language aimed at solving problems like these. The new dynamic block syntax can be used to dynamically generate configuration blocks and their arguments. Given that there is a general configuration language fix for these situations, I'm going to close this issue.

If you're looking for general assistance with how to implement dynamic in this situation, please note that we use GitHub issues in this repository for tracking bugs and enhancements with the Terraform AWS Provider codebase rather than for questions. While we may be able to help with certain simple problems here it's generally better to use the community forums where there are far more people ready to help, whereas the GitHub issues here are generally monitored only by a few maintainers and dedicated community members interested in code development of the Terraform AWS Provider itself.

---

Please do note that we are anticipating that we will likely split out the aws_s3_bucket resource configurations into separate resources as part of #4418.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!