forked from cloudposse/terraform-aws-s3-bucket
variables.tf
# One of the parts joined with `delimiter` (see that variable's description).
# Empty by default.
variable "namespace" {
  description = "Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp'"
  type        = string
  default     = ""
}
# Environment part of the joined identifier. Empty by default.
variable "environment" {
  description = "Environment, e.g. 'prod', 'staging', 'dev', 'pre-prod', 'UAT'"
  type        = string
  default     = ""
}
# Stage part of the joined identifier. Empty by default.
variable "stage" {
  description = "Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release'"
  type        = string
  default     = ""
}
# Solution-name part of the joined identifier. Empty by default.
variable "name" {
  description = "Solution name, e.g. 'app' or 'jenkins'"
  type        = string
  default     = ""
}
# Module-wide on/off switch; resources are created unless this is set to false.
variable "enabled" {
  description = "Set to false to prevent the module from creating any resources"
  type        = bool
  default     = true
}
# Separator placed between the identifier parts; defaults to a hyphen.
variable "delimiter" {
  description = "Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`"
  type        = string
  default     = "-"
}
# Extra identifier parts, joined with `delimiter`. Empty list by default.
variable "attributes" {
  description = "Additional attributes (e.g. `1`)"
  type        = list(string)
  default     = []
}
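# Extra tags supplied by the caller. Empty map by default.
# The description's example was missing its closing parenthesis; restored here.
variable "tags" {
  type        = map(string)
  default     = {}
  description = "Additional tags (e.g. `map('BusinessUnit','XYZ')`)"
}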
# Canned ACL for the bucket. The default, `private`, is the non-public choice.
# NOTE(review): the type is an unconstrained string, so this file does not
# reject public canned ACLs such as `public-read`. Check every non-default
# value callers pass, and whether S3 Block Public Access is enforced
# elsewhere. That is not visible from this file.
variable "acl" {
  description = "The canned ACL to apply. We recommend `private` to avoid exposing sensitive information"
  type        = string
  default     = "private"
}
# Bucket policy as a JSON string. Empty by default.
# NOTE(review): the JSON is not validated in this file. Review a supplied
# policy for wildcard principals and missing conditions, since it governs
# who can reach the bucket. Presumably an empty string means no policy is
# attached; confirm in the resource definitions.
variable "policy" {
  description = "A valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), Terraform may view the policy as constantly changing in a terraform plan. In this case, please make sure you use the verbose/specific version of the policy"
  type        = string
  default     = ""
}
# Optional region override for the bucket. Empty by default.
# NOTE(review): "callee" in the description presumably means the region of
# the AWS provider configuration in use; confirm before relying on it.
variable "region" {
  description = "If specified, the AWS region this bucket should reside in. Otherwise, the region used by the callee"
  type        = string
  default     = ""
}
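# Controls whether a destroy may empty the bucket first.
# With the default (false), destroying a non-empty bucket errors out instead
# of deleting its contents. Setting this to true makes a destroy delete every
# object irrecoverably, so keep it false for buckets holding logs, backups or
# other data that must survive a mistaken or unauthorized destroy.
# The description used to say "boolean string", but the type is bool.
variable "force_destroy" {
  type        = bool
  default     = false
  description = "A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable"
}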
# Versioning switch. Off by default.
# NOTE(review): with S3 versioning off, an overwritten or deleted object has
# no prior version to restore. The `noncurrent_version_*` variables in this
# file presumably only matter when this is true; confirm in the lifecycle
# rule definition.
variable "versioning_enabled" {
  description = "A state of versioning. Versioning is a means of keeping multiple variants of an object in the same bucket"
  type        = bool
  default     = false
}
# Server-side encryption algorithm. Defaults to `AES256`.
# The type is a free-form string, so this file does not reject values other
# than the two named in the description.
variable "sse_algorithm" {
  description = "The server-side encryption algorithm to use. Valid values are `AES256` and `aws:kms`"
  type        = string
  default     = "AES256"
}
# KMS key ARN for SSE-KMS. Empty by default.
# Per the description, it only applies when `sse_algorithm` is `aws:kms`,
# and leaving it empty in that mode falls back to the default aws/s3 key.
variable "kms_master_key_arn" {
  description = "The AWS KMS master key ARN used for the `SSE-KMS` encryption. This can only be used when you set the value of `sse_algorithm` as `aws:kms`. The default aws/s3 AWS KMS master key is used if this element is absent while the `sse_algorithm` is `aws:kms`"
  type        = string
  default     = ""
}
# Opt-in creation of an IAM user for bucket access. Off by default.
# NOTE(review): the user's permissions presumably come from
# `allowed_bucket_actions`. Whether access keys are also created is not
# visible from this file; confirm in the resource definitions.
variable "user_enabled" {
  description = "Set to `true` to create an IAM user with permission to access the bucket"
  type        = bool
  default     = false
}
# S3 actions granted to the module's user.
# NOTE(review): the default is broad for a general-purpose user. It includes
# `s3:PutObjectAcl`, which lets the holder change per-object ACLs, and
# `s3:DeleteObject`. Callers that only need to read or only need to upload
# should pass a narrower list (least privilege).
variable "allowed_bucket_actions" {
  description = "List of actions the user is permitted to perform on the S3 bucket"
  type        = list(string)
  default = [
    "s3:PutObject",
    "s3:PutObjectAcl",
    "s3:GetObject",
    "s3:DeleteObject",
    "s3:ListBucket",
    "s3:ListBucketMultipartUploads",
    "s3:GetBucketLocation",
    "s3:AbortMultipartUpload",
  ]
}
# Opt-in rejection of unencrypted uploads. Off by default, so this setting
# does not block unencrypted uploads unless the caller enables it.
# NOTE(review): how the restriction is enforced is not visible from this
# file; confirm in the resource definitions.
variable "allow_encrypted_uploads_only" {
  description = "Set to `true` to prevent uploads of unencrypted objects to S3 bucket"
  type        = bool
  default     = false
}
# Lifecycle rule switch. Off by default.
# NOTE(review): the transition and expiration variables in this file
# presumably have no effect while this is false; confirm in the rule
# definition.
variable "lifecycle_rule_enabled" {
  description = "Enable or disable lifecycle rule"
  type        = bool
  default     = false
}
# Object key prefix that scopes the lifecycle rule. Empty by default.
variable "prefix" {
  description = "Prefix identifying one or more objects to which the rule applies"
  type        = string
  default     = ""
}
# Days before noncurrent object versions are transitioned. Defaults to 30.
# NOTE(review): the description names both the glacier tier and the
# infrequent access tier. Confirm which storage class the rule targets,
# then correct the text.
variable "noncurrent_version_transition_days" {
  description = "Number of days to persist in the standard storage tier before moving to the glacier tier infrequent access tier"
  type        = number
  default     = 30
}
# Days after which noncurrent object versions expire. Defaults to 90.
# For buckets with a retention requirement, check this against the required
# retention period, because expired versions are no longer available for
# recovery or investigation.
variable "noncurrent_version_expiration_days" {
  description = "Specifies when noncurrent object versions expire"
  type        = number
  default     = 90
}
# CORS rules for the bucket, one object per rule. Defaults to null.
# NOTE(review): `allowed_origins` and `allowed_methods` are unconstrained
# lists. A `*` origin together with write methods widens cross-origin
# browser access, so review the values callers pass.
variable "cors_rule_inputs" {
  description = "Specifies the allowed headers, methods, origins and exposed headers when using CORS on this bucket"
  type = list(object({
    allowed_headers = list(string)
    allowed_methods = list(string)
    allowed_origins = list(string)
    expose_headers  = list(string)
    max_age_seconds = number
  }))
  default = null
}
# Days in the standard tier before the move to infrequent access.
# Defaults to 30.
variable "standard_transition_days" {
  description = "Number of days to persist in the standard storage tier before moving to the infrequent access tier"
  type        = number
  default     = 30
}
# Days after which data moves to the glacier tier. Defaults to 60.
variable "glacier_transition_days" {
  description = "Number of days after which to move the data to the glacier storage tier"
  type        = number
  default     = 60
}
# Glacier transition switch. On by default.
# The description notes a cost concern when a bucket holds many small files.
variable "enable_glacier_transition" {
  description = "Enables the transition to AWS Glacier which can cause unnecessary costs for huge amount of small files"
  type        = bool
  default     = true
}
# STANDARD_IA transition switch. Off by default.
variable "enable_standard_ia_transition" {
  description = "Enables the transition to STANDARD_IA"
  type        = bool
  default     = false
}
# Days after which objects are expunged. Defaults to 90.
# NOTE(review): this presumably applies only while `lifecycle_rule_enabled`
# is true. For log or audit buckets, check 90 days against the retention
# period those records must meet.
variable "expiration_days" {
  description = "Number of days after which to expunge the objects"
  type        = number
  default     = 90
}
# Upper bound, in days, on how long an unfinished multipart upload may stay
# in progress. Defaults to 5.
variable "abort_incomplete_multipart_upload_days" {
  description = "Maximum time (in days) that you want to allow multipart uploads to remain in progress"
  type        = number
  default     = 5
}
# Tag filter for lifecycle events. Empty map by default.
# NOTE(review): presumably an empty map means no tag filtering; confirm in
# the rule definition.
variable "lifecycle_tags" {
  description = "Tags filter. Used to manage object lifecycle events"
  type        = map(string)
  default     = {}
}