s3-log-storage
cloudposse/s3-log-storage/aws
This module creates an S3 bucket suitable for receiving logs from other AWS services such as S3, CloudFront, and CloudTrail
This module creates an S3 bucket suitable for receiving logs from other AWS services such as S3, CloudFront, and CloudTrails. This module implements a configurable log retention policy, which allows you to efficiently manage logs across different storage classes (_e.g._ Glacier) and ultimately expire the data altogether. It enables default server-side encryption. It blocks public access to the bucket by default. As of March, 2022, this module is primarily a wrapper around our s3-bucket module, with some options preconfigured and SQS notifications added. If it does not exactly suit your needs, you may want to use the s3-bucket module directly. As of version 1.0 of this module, most of the inputs are marked nullable = false, meaning you can pass in null and get the default value rather than
| Name | Type | Description | Default |
|---|---|---|---|
| name | string | ID element. Usually the component or solution name, e.g. 'app' or 'jenkins'. Thi | null |
| tags | map(string) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`). Neither the tag keys nor the t | {} |
| block_public_policy | bool | Set to `false` to disable the blocking of new public policies on the bucket | true |
| allow_ssl_requests_only | bool | Set to `true` to require requests to use Secure Socket Layer (HTTPS/SSL). This w | true |
| environment | string | ID element. Usually used for region e.g. 'uw2', 'us-west-2', OR role 'prod', 'st | null |
| delimiter | string | Delimiter to be used between ID elements. Defaults to `-` (hyphen). Set to `""` | null |
| lifecycle_prefix | string | (Deprecated, use `lifecycle_configuration_rules` instead) Prefix filter. Used to | null |
| object_lock_configuration | object({ mode = string # | A configuration for S3 object locking. With S3 Object Lock, you can store object | null |
| grants | list(object({ id | A list of policy grants for the bucket, taking a list of permissions. Conflicts | [] |
| source_policy_documents | list(string) | List of IAM policy documents that are merged together into the exported document | [] |
| kms_master_key_arn | string | The AWS KMS master key ARN used for the SSE-KMS encryption. This can only be use | "" |
| bucket_key_enabled | bool | Set this to true to use Amazon S3 Bucket Keys for SSE-KMS, which reduce the cost | false |
| enabled | bool | Set to false to prevent the module from creating any resources | null |
| enable_glacier_transition | bool | (Deprecated, use `lifecycle_configuration_rules` instead) Enables the transition | null |
| expiration_days | number | (Deprecated, use `lifecycle_configuration_rules` instead) Number of days after w | null |
| standard_transition_days | number | (Deprecated, use `lifecycle_configuration_rules` instead) Number of days to pers | null |
| acl | string | The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.ht | "log-delivery-write" |
| force_destroy | bool | When `true`, permits a non-empty S3 bucket to be deleted by first deleting all o | false |
| sse_algorithm | string | The server-side encryption algorithm to use. Valid values are AES256 and aws:kms | "AES256" |
| restrict_public_buckets | bool | Set to `false` to disable the restricting of making the bucket public | true |
| … and 10 more inputs | |||
bucket_domain_name — FQDN of bucketbucket_id — Bucket Name (aka ID)bucket_arn — Bucket ARNprefix — Prefix configured for lifecycle rulesbucket_notifications_sqs_queue_arn — Notifications SQS queue ARNenabled — Is module enabledAzure landing zones Terraform module
Terraform supermodule for the Terraform platform engineering for Azure
Terraform module to deploy landing zone subscriptions (and much more) in Azure
Terraform Module to define a consistent naming convention by (namespace, stage,