Simplify private-s3-bucket lifecycle arguments (#84)
* set AbortIncompleteMultipartUpload action as first rule and set default value

* update README
kei500 authored Apr 8, 2024
1 parent f1d0b17 commit e1f2930
Showing 4 changed files with 22 additions and 88 deletions.
5 changes: 2 additions & 3 deletions aws/private-s3-bucket/README.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

77 changes: 7 additions & 70 deletions aws/private-s3-bucket/bucket_options.tf
Expand Up @@ -61,79 +61,22 @@ resource "aws_s3_bucket_ownership_controls" "b" {
object_ownership = local.object_ownership
}
}

# lifecycle
resource "aws_s3_bucket_lifecycle_configuration" "b" {
count = length(var.lifecycle_rule) > 0 ? 1 : 0
bucket = aws_s3_bucket.b.id

# First(0-th) rule: aws_s3_bucket_lifecycle_configuration must have at least 1 rule block explicitly
rule {
id = var.lifecycle_rule[0].id
status = var.lifecycle_rule[0].enabled ? "Enabled" : "Disabled"
dynamic "filter" {
for_each = var.lifecycle_rule[0].prefix != null || length(var.lifecycle_rule[0].tags) > 0 ? [1] : []
content {
# Only prefix or only 1 tag: bare
# both prefix and tag, multiple tags: inside `and` block
prefix = length(var.lifecycle_rule[0].tags) == 0 ? var.lifecycle_rule[0].prefix : null
dynamic "tag" {
for_each = var.lifecycle_rule[0].prefix == null && length(var.lifecycle_rule[0].tags) == 1 ? [1] : []
content {
key = keys(var.lifecycle_rule[0].tags)[0]
value = values(var.lifecycle_rule[0].tags)[0]
}
}
dynamic "and" {
for_each = (var.lifecycle_rule[0].prefix != null && length(var.lifecycle_rule[0].tags) >= 1) || length(var.lifecycle_rule[0].tags) >= 2 ? [1] : []
content {
prefix = var.lifecycle_rule[0].prefix
tags = var.lifecycle_rule[0].tags
}
}
}
}
dynamic "abort_incomplete_multipart_upload" {
for_each = var.lifecycle_rule[0].abort_incomplete_multipart_upload_days != null ? [1] : []
content {
days_after_initiation = var.lifecycle_rule[0].abort_incomplete_multipart_upload_days
}
}
dynamic "transition" {
for_each = var.lifecycle_rule[0].transition
content {
date = transition.value.date
days = transition.value.days
storage_class = transition.value.storage_class
}
}
dynamic "expiration" {
for_each = var.lifecycle_rule[0].expiration
content {
date = expiration.value.date
days = expiration.value.days
expired_object_delete_marker = expiration.value.expired_object_delete_marker
}
}
dynamic "noncurrent_version_transition" {
for_each = var.lifecycle_rule[0].noncurrent_version_transition
content {
noncurrent_days = noncurrent_version_transition.value.days
newer_noncurrent_versions = noncurrent_version_transition.value.versions
storage_class = noncurrent_version_transition.value.storage_class
}
}
dynamic "noncurrent_version_expiration" {
for_each = var.lifecycle_rule[0].noncurrent_version_expiration
content {
noncurrent_days = noncurrent_version_expiration.value.days
newer_noncurrent_versions = noncurrent_version_expiration.value.versions
}
id = "Abort incomplete multipart upload"
status = "Enabled"

abort_incomplete_multipart_upload {
days_after_initiation = 3
}
}

# Rest (1st and after) rules
dynamic "rule" {
for_each = toset(slice(var.lifecycle_rule, 1, length(var.lifecycle_rule)))
for_each = toset(var.lifecycle_rule)
content {
id = rule.value.id
status = rule.value.enabled ? "Enabled" : "Disabled"
Expand All @@ -159,12 +102,6 @@ resource "aws_s3_bucket_lifecycle_configuration" "b" {
}
}
}
dynamic "abort_incomplete_multipart_upload" {
for_each = rule.value.abort_incomplete_multipart_upload_days != null ? [1] : []
content {
days_after_initiation = rule.value.abort_incomplete_multipart_upload_days
}
}
dynamic "transition" {
for_each = rule.value.transition
content {
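Review bot: The new first rule hard-codes both `id = "Abort incomplete multipart upload"` and `days_after_initiation = 3`, so a caller rule that reuses that `id` collides with it (S3 expects rule IDs to be unique within one configuration) and no caller can change the window. Consider a module-level input with the same default, e.g. `days_after_initiation = var.abort_incomplete_multipart_upload_days` backed by a `number` variable defaulting to 3, and a less collision-prone fixed id. The page does not mark which lines are old or new, so it is unclear whether `count = length(var.lifecycle_rule) > 0 ? 1 : 0` survives; if it does, buckets left on the default `lifecycle_rule = []` get no lifecycle configuration at all and the always-on abort rule never reaches them. The second hunk is cut off by the page, so the rest of the dynamic `rule` block was not reviewed.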
3 changes: 1 addition & 2 deletions aws/private-s3-bucket/main.tf
Expand Up @@ -62,7 +62,7 @@
* Full featured example.
*
* NOTE:
* * abort_incomplete_multipart_upload_days is exclusive against tags
* * abort_incomplete_multipart_upload_days is always set as 3 days
* * expiration, noncurrent_version_{transition,expiration} can be set up to once
*
* ```hcl
Expand All @@ -75,7 +75,6 @@
* a = "b"
* c = "d"
* }
* abort_incomplete_multipart_upload_days = null
* transition = [
* {
* date = null
25 changes: 12 additions & 13 deletions aws/private-s3-bucket/variables.tf
Expand Up @@ -54,32 +54,31 @@ variable "grant" {

variable "lifecycle_rule" {
type = list(object({
id = string
enabled = bool
prefix = string
abort_incomplete_multipart_upload_days = number
tags = map(string)
transition = list(object({
id = string
enabled = optional(bool, true)
prefix = optional(string)
tags = optional(map(string), {})
transition = optional(list(object({
date = optional(string)
days = optional(number)
storage_class = string
}))
})), [])
# Note for expiration, noncurrent_version_transition, noncurrent_version_expiration
# define as list for simplicity, though expected only a single object
expiration = list(object({
expiration = optional(list(object({
date = optional(string)
days = optional(number)
expired_object_delete_marker = optional(bool, false)
}))
noncurrent_version_transition = list(object({
})), [])
noncurrent_version_transition = optional(list(object({
days = number
versions = optional(number)
storage_class = string
}))
noncurrent_version_expiration = list(object({
})), [])
noncurrent_version_expiration = optional(list(object({
days = number
versions = optional(number)
}))
})), [])
}))
description = "S3 lifecycle rule"
default = []
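Review bot: Removing `abort_incomplete_multipart_upload_days` from the object type does not make existing callers fail: Terraform discards attributes that are not part of an object type constraint during conversion, so a caller that still passes, say, 7 days gets the fixed 3-day rule with no plan-time error. That is worth stating in the description, e.g. `description = "S3 lifecycle rule. A 3-day abort-incomplete-multipart-upload rule is always added; abort_incomplete_multipart_upload_days is no longer read."`. The comment that `expiration` and the two `noncurrent_version_*` lists expect a single object is also not enforced; a `validation` block checking `length(r.expiration) <= 1` (and the same for the other two) for every rule would turn that into a plan-time error. The variable block continues past the end of the visible hunk.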
