Skip to content
/ terraform-aws-s3-backend Public

Terraform module for provisioning a s3 bucket and dynamodb for the Terraform Backend

License

MIT license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

abhisheksr01/terraform-aws-s3-backend

BranchesTags

Repository files navigation

AWS S3-Backend Terraform module

Terraform module for creating a S3 backend with a S3 bucket and Dynamodb table for state lock management.

The resources in the module follows the best practices and scanned by vulnerability analysis tools.

Usage

An example of how to use this module in your terraform file.

module "s3_backend" {
  source                      = "abhisheksr01/s3-backend/aws"
  version                     = "0.1.0"
  bucket_name                 = var.bucket_name
  dynamodb_table_name         = var.dynamodb_table_name
  tags                        = var.default_tags
  s3_bucket_kms_master_key_id = data.aws_kms_alias.aws_kms_s3_default_key.id
}

data "aws_kms_alias" "aws_kms_s3_default_key" {
  name = "alias/aws/s3"
}

Click here to see simplest implementation example and relevant details

Providers

Name Version
aws n/a

Resources

Name Type
aws_dynamodb_table.tf_state_locks resource
aws_s3_bucket.s3_backend_bucket resource
aws_s3_bucket_acl.s3_backend_acl resource
aws_s3_bucket_logging.s3_backend_bucket_logging resource
aws_s3_bucket_ownership_controls.s3_backend_ownership resource
aws_s3_bucket_public_access_block.s3_backend_public_access_block resource
aws_s3_bucket_server_side_encryption_configuration.s3_backend_sse_config resource
aws_s3_bucket_versioning.s3_backend_versioning resource

Inputs

Name Description Type Default Required
bucket_name S3 Bucket Name string n/a yes
dyanmodb_point_in_time_recovery Enable dynamo db point in time recovery bool true no
dynamodb_billing_mode Type of Dynamo DB table billing mode string "PAY_PER_REQUEST" no
dynamodb_hash_key Type of Dynamo DB Has Key type string "LockID" no
dynamodb_table_name Dynamo DB Table Name string n/a yes
s3_bucket_acl S3 Buckert ACL Type string "private" no
s3_bucket_key_enabled Enables sse for S3 bucket with KMS key bool true no
s3_bucket_kms_master_key_id KMS master key id used for encrypting the S3 bucket string n/a yes
s3_bucket_logging Map of S3 Bucket logging block,when set to enable = true target_bucket_name must be provided map(any) 
{
  "enable": false,
  "target_bucket_name": "target_bucket_name",
  "target_prefix": "/logs"
}
 no
s3_bucket_object_ownership_controls S3 bucket object ownership controls string "BucketOwnerPreferred" no
s3_bucket_public_access_block S3 bucket public access block of Object type. Default set to true from security perspective. 
object({
    block_public_acls       = bool
    block_public_policy     = bool
    ignore_public_acls      = bool
    restrict_public_buckets = bool
  })
 
{
  "block_public_acls": true,
  "block_public_policy": true,
  "ignore_public_acls": true,
  "restrict_public_buckets": true
}
 no
s3_bucket_sse_algorithm S3 Bucket's type of sse algorithm for encryption string "AES256" no
tags These tags will be applied to all the resources within the module map(string) n/a yes

Outputs

Name Description
s3_backend_bucket_id S3 Bucket Id for backend
state_lock_dynamodb_table_id Dynamo DB Table Id for backend state lock management

About

Terraform module for provisioning a s3 bucket and dynamodb for the Terraform Backend

Topics

aws terraform awss3 terraform-module

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Releases 1

Release v0.1.0 Latest
Oct 5, 2023

Packages

No packages published

Contributors 2

  •  
  •  

Languages