forked from schubergphilis/terraform-aws-mcaf-s3
variables.tf
# Explicit bucket name. Left null, the description says Terraform assigns a
# random unique name instead. Conflicts with `name_prefix`.
variable "name" {
  description = "The Name of the bucket. If omitted, Terraform will assign a random, unique name. Conflicts with `name_prefix`."
  type        = string
  default     = null

  validation {
    # The null case is handled first so length() is never evaluated on null.
    # Only the upper bound is checked here; the character set and minimum
    # length are left to the provider and the S3 API.
    condition     = var.name == null ? true : length(var.name) <= 63
    error_message = "The name must be less than or equal to 63 characters in length"
  }
}
# Prefix for a generated, unique bucket name. Conflicts with `name`.
variable "name_prefix" {
  description = "Creates a unique bucket name beginning with the specified prefix. Conflicts with `name`."
  type        = string
  default     = null

  validation {
    # NOTE(review): 37 presumably leaves room for the generated unique suffix
    # within the 63-character bucket name limit; confirm against the provider.
    condition     = var.name_prefix == null ? true : length(var.name_prefix) <= 37
    error_message = "The name prefix must be less than or equal to 37 characters in length"
  }
}
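# Canned ACL applied to the bucket. The default `private` grants access to
# the bucket owner only.
#
# `public-read` and `public-read-write` grant access to anonymous principals;
# the block_public_acls / ignore_public_acls inputs in this file are the guard
# against that and default to true.
# NOTE(review): with the default object_ownership_type of BucketOwnerEnforced,
# S3 disables ACLs, so a non-private value is expected to be rejected by S3.
# Confirm how the module's resources apply this input.
variable "acl" {
  description = "The canned ACL to apply, defaults to `private`."
  type        = string
  default     = "private"

  validation {
    # Fail at plan time on a typo instead of at apply time. null stays
    # accepted so existing callers that pass it keep working.
    condition = var.acl == null ? true : contains([
      "private",
      "public-read",
      "public-read-write",
      "aws-exec-read",
      "authenticated-read",
      "bucket-owner-read",
      "bucket-owner-full-control",
      "log-delivery-write",
    ], var.acl)
    error_message = "The acl must be one of the S3 canned ACLs, for example `private` or `log-delivery-write`."
  }
}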
# S3 Block Public Access: reject requests that would set a public ACL on the
# bucket or its objects. Defaults to true; setting it to false removes one of
# the four public-access guards declared in this file.
variable "block_public_acls" {
  description = "Whether Amazon S3 should block public ACLs for this bucket."
  type        = bool
  default     = true
}
# S3 Block Public Access: reject bucket policies that would allow public
# access. Defaults to true; review any caller that sets it to false together
# with the `policy` input.
variable "block_public_policy" {
  description = "Whether Amazon S3 should block public bucket policies for this bucket."
  type        = bool
  default     = true
}
# Optional single CORS rule for the bucket; null (the default) means no rule
# is passed in. None of the object attributes is declared optional(), so a
# caller that sets this must supply all five.
#
# Review allowed_origins and allowed_methods in callers: a wildcard origin
# combined with write methods lets any website script against the bucket
# with whatever access the browser's request carries.
variable "cors_rule" {
  description = "The CORS rule for the S3 bucket"
  default     = null

  type = object({
    allowed_headers = list(string)
    allowed_methods = list(string)
    allowed_origins = list(string)
    expose_headers  = list(string)
    max_age_seconds = number
  })
}
# Toggle for Amazon EventBridge notifications on the bucket; off by default.
variable "eventbridge_enabled" {
  description = "Whether to enable Amazon EventBridge notifications."
  type        = bool
  default     = false
}
# When true, destroying the bucket also deletes every object in it. Keep the
# default (false) for buckets that hold logs, backups or other data that must
# survive an accidental or unauthorised `terraform destroy`.
variable "force_destroy" {
  description = "A boolean that indicates all objects should be deleted when deleting the bucket."
  type        = bool
  default     = false
}
# S3 Block Public Access: ignore any public ACLs already present on the bucket
# and its objects. Defaults to true.
variable "ignore_public_acls" {
  description = "Whether Amazon S3 should ignore public ACLs for this bucket."
  type        = bool
  default     = true
}
# ARN of the KMS key used for bucket encryption.
# NOTE(review): the encryption applied when this is left null is decided by
# the module's resources, which are not visible here; confirm it is still
# server-side encryption before relying on the default.
variable "kms_key_arn" {
  description = "The KMS key ARN used for the bucket encryption."
  type        = string
  default     = null
}
# Lifecycle rules as a list of maps; empty by default. The `any` type means
# nothing about the rule shape is checked at this boundary, so a malformed
# rule only surfaces where the module consumes it.
variable "lifecycle_rule" {
  description = "List of maps containing lifecycle management configuration settings."
  type        = any
  default     = []
}
# Server access logging target. null (the default) leaves logging disabled,
# so no access record exists for the bucket unless the caller opts in.
# Both attributes are required once the object is set.
variable "logging" {
  description = "Logging configuration, logging is disabled by default."
  default     = null

  type = object({
    target_bucket = string
    target_prefix = string
  })
}
# ARNs of the source buckets allowed to deliver access logs into this bucket;
# empty by default.
# NOTE(review): presumably these end up as a condition in the bucket policy;
# confirm in the module's policy document and keep the list as narrow as
# the set of buckets that actually log here.
variable "logging_source_bucket_arns" {
  description = "Configures which source buckets are allowed to log to this bucket."
  type        = list(string)
  default     = []
}
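# Default Object Lock retention mode for new objects; null (the default)
# passes no mode in.
#
# S3 defines two modes. GOVERNANCE can be bypassed by principals holding the
# bypass permission; COMPLIANCE cannot be shortened or removed by any
# principal until the retention period ends, so choose it deliberately.
variable "object_lock_mode" {
  description = "The default object Lock retention mode to apply to new objects."
  type        = string
  default     = null

  validation {
    # Catch a misspelt mode at plan time. null stays valid.
    condition     = var.object_lock_mode == null ? true : contains(["GOVERNANCE", "COMPLIANCE"], var.object_lock_mode)
    error_message = "The object_lock_mode must be either `GOVERNANCE` or `COMPLIANCE`."
  }
}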
# Default Object Lock retention period expressed in years; null by default.
# NOTE(review): S3 takes the default retention as days or years, not both.
# Nothing here stops a caller from setting this and object_lock_days
# together; confirm how the module resolves that.
variable "object_lock_years" {
  description = "The number of years that you want to specify for the default retention period."
  type        = number
  default     = null
}
# Default Object Lock retention period expressed in days; null by default.
# NOTE(review): S3 takes the default retention as days or years, not both.
# Nothing here stops a caller from setting this and object_lock_years
# together; confirm how the module resolves that.
variable "object_lock_days" {
  description = "The number of days that you want to specify for the default retention period."
  type        = number
  default     = null
}
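# S3 Object Ownership setting for the bucket. The default, BucketOwnerEnforced,
# disables ACLs so that access is governed by policies only and the bucket
# owner owns every object. The other two values re-enable ACLs, which widens
# the ways access can be granted and should be a deliberate choice.
variable "object_ownership_type" {
  description = "The object ownership type for the objects in S3 Bucket, defaults to BucketOwnerEnforced."
  type        = string
  default     = "BucketOwnerEnforced"

  validation {
    # Reject values S3 does not define before anything is applied. null stays
    # accepted so existing callers that pass it keep working.
    condition = var.object_ownership_type == null ? true : contains([
      "BucketOwnerEnforced",
      "BucketOwnerPreferred",
      "ObjectWriter",
    ], var.object_ownership_type)
    error_message = "The object_ownership_type must be one of `BucketOwnerEnforced`, `BucketOwnerPreferred` or `ObjectWriter`."
  }
}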
# Bucket replication settings; null (the default) passes no replication in.
# `rules` is a map whose keys the description asks callers to write as
# integers, because they decide rule priority on conflict. Every attribute of
# a rule is required (none is declared optional()).
#
# iam_role_arn is the role S3 assumes to replicate; scope it to the source
# and destination buckets named in the rules. replica_kms_key_id names the
# key used for the replicas.
variable "replication_configuration" {
  description = "Bucket replication configuration settings, specify the rules map keys as integers as these are used to determine the priority of the rules in case of conflict."
  default     = null

  type = object({
    iam_role_arn = string
    rules = map(object({
      id                               = string
      dest_bucket                      = string
      dest_storage_class               = string
      replica_kms_key_id               = string
      replica_modifications_status     = string
      sse_kms_encrypted_objects_status = string
    }))
  })
}
# S3 Block Public Access: restrict access to a bucket that has a public
# policy. Defaults to true.
variable "restrict_public_buckets" {
  description = "Whether Amazon S3 should restrict public bucket policies for this bucket."
  type        = bool
  default     = true
}
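# Bucket policy as a JSON document string; null (the default) passes no
# caller-supplied policy in.
#
# The validation only proves the string parses as JSON. It does not check
# that the document is a well-formed or least-privilege policy, so review
# statements with a wildcard principal separately.
variable "policy" {
  description = "A valid bucket policy JSON document."
  type        = string
  default     = null

  validation {
    # can() turns a jsondecode() failure into false, so malformed JSON is
    # reported at plan time. null stays valid.
    condition     = var.policy == null ? true : can(jsondecode(var.policy))
    error_message = "The policy must be a syntactically valid JSON document."
  }
}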
# Whether object versioning is turned on; off by default. Without versioning
# an overwritten or deleted object cannot be recovered from the bucket.
# NOTE(review): S3 Object Lock and replication both depend on versioning;
# confirm how the module treats this flag when those inputs are set.
variable "versioning" {
  description = "Versioning is a means of keeping multiple variants of an object in the same bucket."
  type        = bool
  default     = false
}
# Tags to assign to the bucket, as a string-to-string map; empty by default.
variable "tags" {
  description = "A mapping of tags to assign to the bucket."
  type        = map(string)
  default     = {}
}