Skip to content

Instantly share code, notes, and snippets.

@kaihendry
Created November 17, 2022 05:11
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save kaihendry/4fa171067e0b9ec909afba29a56ede6a to your computer and use it in GitHub Desktop.
Save kaihendry/4fa171067e0b9ec909afba29a56ede6a to your computer and use it in GitHub Desktop.
locals {
tf_bucket_name = "${var.environment}-${var.account_name}-tf-state"
tf_dynamodb_name = "${var.environment}-${var.account_name}-tf-state-lock"
}
resource "aws_s3_bucket" "this" {
bucket = local.tf_bucket_name
lifecycle {
prevent_destroy = false
}
}
resource "aws_s3_bucket_versioning" "this" {
bucket = aws_s3_bucket.this.id
versioning_configuration {
status = "Enabled"
}
}
resource "aws_s3_bucket_server_side_encryption_configuration" "this" {
bucket = aws_s3_bucket.this.bucket
rule {
apply_server_side_encryption_by_default {
kms_master_key_id = var.kms_key_arn
sse_algorithm = "AES256"
}
}
}
resource "aws_s3_bucket_public_access_block" "this" {
bucket = aws_s3_bucket.this.id
block_public_acls = true
block_public_policy = true
ignore_public_acls = true
restrict_public_buckets = true
}
resource "aws_dynamodb_table" "this" {
name = local.tf_dynamodb_name
read_capacity = 5
write_capacity = 5
hash_key = "LockID"
attribute {
name = "LockID"
type = "S"
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment