A secure S3 bucket module for use anywhere you would otherwise declare an S3 bucket

porrige51122/terraform-aws-secure-s3-bucket

S3 Bucket

This module creates an S3 bucket with the following features:

  • Server-side encryption
  • Public access block
  • Bucket ownership controls
  • HTTPS-only access
  • Lifecycle rules
  • Versioning

It also creates a KMS key for the bucket encryption.

Usage

module "s3_bucket" {
  source      = "PATH_TO_MODULE"
  bucket_name = "my-bucket"
}

To use custom policies, you can pass them as variables:

module "s3_bucket" {
  source                   = "PATH_TO_MODULE"
  bucket_name              = "my-bucket"
  additional_bucket_policy = data.aws_iam_policy_document.bucket_policy.json
  additional_kms_policy    = data.aws_iam_policy_document.kms_policy.json
}

Here additional_bucket_policy and additional_kms_policy are module variables that take the policy documents as JSON strings.
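
An added example (not from the module's repository) of the two policy documents referenced above: it grants one existing role read access to objects and decrypt on the key, and nothing more. The role name report-reader, the bucket name and the local value are assumptions; how the module combines these statements with its own is not stated on this page.

```hcl
# Added example, not part of the module. Names below are placeholders.
locals {
  bucket_name = "example-reports-bucket" # placeholder; S3 bucket names are global
}

data "aws_iam_role" "reader" {
  name = "report-reader" # hypothetical role that already exists in the account
}

# Extra bucket-policy statement: read-only object access for one role.
# The ARN is built from the name (commercial "aws" partition assumed) rather
# than from a module output, so the policy does not depend on the module.
data "aws_iam_policy_document" "bucket_policy" {
  statement {
    sid       = "AllowReaderGetObject"
    effect    = "Allow"
    actions   = ["s3:GetObject"]
    resources = ["arn:aws:s3:::${local.bucket_name}/*"]

    principals {
      type        = "AWS"
      identifiers = [data.aws_iam_role.reader.arn]
    }
  }
}

# Extra key-policy statement: the same role may decrypt, nothing else.
# In a KMS key policy, "*" refers to the key the policy is attached to.
data "aws_iam_policy_document" "kms_policy" {
  statement {
    sid       = "AllowReaderDecrypt"
    effect    = "Allow"
    actions   = ["kms:Decrypt"]
    resources = ["*"]

    principals {
      type        = "AWS"
      identifiers = [data.aws_iam_role.reader.arn]
    }
  }
}

module "s3_bucket" {
  source                   = "PATH_TO_MODULE"
  bucket_name              = local.bucket_name
  additional_bucket_policy = data.aws_iam_policy_document.bucket_policy.json
  additional_kms_policy    = data.aws_iam_policy_document.kms_policy.json
}
```

Run terraform plan and confirm the module's HTTPS-only statement is still present in the rendered bucket policy after adding your own. Set bucket_name explicitly, since S3 bucket names are globally unique and the module's default is a fixed name.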

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.15 |
| aws | <= 5.6.0 |

Providers

| Name | Version |
|------|---------|
| aws | <= 5.6.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_kms_key.key | resource |
| aws_s3_bucket.bucket | resource |
| aws_s3_bucket_acl.acl | resource |
| aws_s3_bucket_lifecycle_configuration.retention | resource |
| aws_s3_bucket_ownership_controls.ownership | resource |
| aws_s3_bucket_policy.policy | resource |
| aws_s3_bucket_public_access_block.block | resource |
| aws_s3_bucket_server_side_encryption_configuration.encryption | resource |
| aws_s3_bucket_versioning.versioning | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.bucket_policy | data source |
| aws_iam_policy_document.kms_policy | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| additional_bucket_policy | The policy to attach to the S3 bucket | string | "" | no |
| additional_kms_policy | The policy to attach to the KMS key | string | "" | no |
| bucket_name | The name of the S3 bucket | string | "aidan-test-bucket-771135409205" | no |
| retention_enabled | Whether to enable retention on the bucket | bool | false | no |
| retention_time | The number of days to retain objects in the bucket | number | 30 | no |

Outputs

| Name | Description |
|------|-------------|
| bucket_arn | n/a |
| bucket_id | n/a |
| kms_key_arn | n/a |
| kms_key_id | n/a |
