The following input variables are required:
Description: The number of days that you want to specify for the default retention period.
Type: number
Description: The number of years that you want to specify for the default retention period.
Type: number
Description: Is this part of production, staging, development?
Type: string
Description: What is the name of the bucket?
Type: string
Description: Product this bucket is associated with
Type: string
Description: Service that this bucket is associated with
Type: string
Description: Provide an email address for the team resposnible for this bucket
Type: string
The following input variables are optional (have default values):
Description: Allow public GET
Type: bool
Default: false
Description: Allow these CIDR ranges to read the bucket and its contents
Type: list(string)
Default: []
Description: What s3 actions whitelisted CIDRs can do
Type: list(string)
Default:
[
"s3:ListBucket",
"s3:ListBucketVersions",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:GetObjectTagging",
"s3:GetObjectVersion",
"s3:GetObjectAcl"
]
Description: What s3 actions whitelisted VPCEs can do
Type: list(string)
Default:
[
"s3:ListBucket",
"s3:ListBucketVersions",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:GetObjectTagging",
"s3:GetObjectVersion",
"s3:GetObjectAcl"
]
Description: Allow these VPC Endpoints to read the bucket and its contents
Type: list(string)
Default: []
Description: n/a
Type: list(string)
Default:
[
"Authorization"
]
Description: n/a
Type: list(string)
Default:
[
"GET"
]
Description: n/a
Type: list(string)
Default:
[
"*"
]
Description: n/a
Type: list(string)
Default: []
Description: n/a
Type: string
Default: "3000"
Description: Should we enable bucket logging?
Type: bool
Default: true
Description: Indicates whether this bucket has an Object Lock configuration enabled. https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html
Type: bool
Default: false
Description: Should we replicate this bucket to another region?
Type: bool
Default: true
Description: Enable S3 inventory?
Type: bool
Default: false
Description: Enabling versioning?
Type: bool
Default: true
Description: What policy actions will we allow the 3rd party account?
Type: list(string)
Default:
[
"s3:ListBucket",
"s3:ListBucketVersions",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:GetObjectTagging",
"s3:GetObjectVersion",
"s3:GetObjectAcl"
]
Description: The ID for an external account to give access to
Type: list(string)
Default: []
Description: Specifies the output format of the inventory results. Can be CSV, ORC or Parquet.
Type: string
Default: "CSV"
Description: Specifies how frequently inventory results are produced. Can be Daily or Weekly.
Type: string
Default: "Weekly"
Description: Object filtering that accepts a prefix (documented below). Can be All or Current.
Type: string
Default: "Current"
Description: Contains the optional fields that are included in the inventory results. Accepts Size, LastModifiedDate, StorageClass, ETag, IsMultipartUploaded, ReplicationStatus, EncryptionStatus, ObjectLockRetainUntilDate, ObjectLockMode, ObjectLockLegalHoldStatus.
Type: list(string)
Default:
[
"ETag",
"LastModifiedDate",
"IsMultipartUploaded",
"Size"
]
Description: Enable lifecycle rule for current object versions?
Type: bool
Default: false
Description: Prefix that current version lifecycle rule works on
Type: string
Default: ""
Description: The number of days until transitions.
Type: map(string)
Default:
{
"expiration": 2555,
"glacier": 120,
"standard_ia": 30
}
Description: Enable lifecycle rule for noncurrent object versions?
Type: bool
Default: true
Description: Prefix that noncurrent version lifecycle rule works on
Type: string
Default: ""
Description: The number of days until transitions.
Type: map(string)
Default:
{
"expiration": 2555,
"glacier": 120,
"standard_ia": 30
}
Description: Metric filters to apply to your s3 bucket
Type:
list(
object(
{
name = string
prefix = string
}
)
)
Default: []
Description: The default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are GOVERNANCE and COMPLIANCE. https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html#object-lock-retention-modes
Type: string
Default: "GOVERNANCE"
Description: ARN of the origin access ID, used only when the bucket is the source for a cloudfront distribution and you want no other access.
Type: string
Default: "none"
Description: Set to 1 to enable logging for redshift
Type: bool
Default: false
Description: What region is the redshift instance in?
Type: string
Default: ""
Description: S3 Storage class to use for replica bucket.
Type: string
Default: "STANDARD_IA"
Description: DEPRECATED, use enable_versioning
Type: bool
Default: true
The following outputs are exported:
Description: Bucket's ARN
Description: n/a
Description: Bucket's name
Description: Bucket's region
Description: Bucket's ARN (deprecated)
Description: Bucket's name (deprecated)
Description: Bucket's region (deprecated)