-
-
Notifications
You must be signed in to change notification settings - Fork 99
/
Copy pathREADME.yaml
125 lines (110 loc) · 5.45 KB
/
README.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
name: terraform-aws-s3-log-storage
tags:
- aws
- terraform
- terraform-modules
- logging
- s3
- bucket
- logs
- storage
- glacier
- standard
- lifecycle-management
- versioning
categories:
- terraform-modules/logging
license: APACHE2
github_repo: cloudposse/terraform-aws-s3-log-storage
badges:
- name: Latest Release
image: https://img.shields.io/github/release/cloudposse/terraform-aws-s3-log-storage.svg?style=for-the-badge
url: https://github.com/cloudposse/terraform-aws-s3-log-storage/releases/latest
- name: Last Updated
image: https://img.shields.io/github/last-commit/cloudposse/terraform-aws-s3-log-storage.svg?style=for-the-badge
url: https://github.com/cloudposse/terraform-aws-s3-log-storage/commits
- name: Slack Community
image: https://slack.cloudposse.com/for-the-badge.svg
url: https://slack.cloudposse.com
# List any related terraform modules that this module may be used with or that this module depends on.
related:
- name: terraform-aws-s3-bucket
description: Terraform module that creates an S3 bucket with an optional IAM user for external CI/CD systems
url: https://github.com/cloudposse/terraform-aws-s3-bucket
- name: terraform-aws-cloudfront-s3-cdn
description: Terraform module to easily provision CloudFront CDN backed by an S3 origin
url: https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn
- name: terraform-aws-s3-website
description: Terraform Module for Creating S3 backed Websites and Route53 DNS
url: https://github.com/cloudposse/terraform-aws-s3-website
- name: terraform-aws-user-data-s3-backend
description: Terraform Module to Offload User Data to S3
url: https://github.com/cloudposse/terraform-aws-user-data-s3-backend
- name: terraform-aws-s3-logs-athena-query
description: A Terraform module that creates an Athena Database and Structure for querying S3 access logs
url: https://github.com/cloudposse/terraform-aws-s3-logs-athena-query
- name: terraform-aws-lb-s3-bucket
description: Terraform module to provision an S3 bucket with built in IAM policy to allow AWS Load Balancers to ship access logs
url: https://github.com/cloudposse/terraform-aws-lb-s3-bucket
description: |-
This module creates an S3 bucket suitable for receiving logs from other `AWS` services such as `S3`, `CloudFront`, and `CloudTrails`.
This module implements a configurable log retention policy, which allows you to efficiently manage logs across different storage classes (_e.g._ `Glacier`) and ultimately expire the data altogether.
It enables [default server-side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-encryption.html).
It [blocks public access to the bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html) by default.
As of March, 2022, this module is primarily a wrapper around our
[s3-bucket](https://github.com/cloudposse/terraform-aws-s3-bucket)
module, with some options preconfigured and SQS notifications added. If it does not exactly suit your needs,
you may want to use the `s3-bucket` module directly.
As of version 1.0 of this module, most of the inputs are marked `nullable = false`,
meaning you can pass in `null` and get the default value rather than having the
input be actually set to `null`. This is technically a breaking change from previous versions,
but since `null` was not a valid value for most of these variables, we are not considering it
a truly breaking change. However, be mindful that the behavior of inputs set to `null`
may change in the future, so we recommend setting them to the desired value explicitly.
usage: |2-
This module supports full S3 [storage lifecycle](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html)
configuration via our [s3-bucket](https://github.com/cloudposse/terraform-aws-s3-bucket) module:
```hcl
locals {
lifecycle_configuration_rule = {
enabled = true # bool
id = "v2rule"
abort_incomplete_multipart_upload_days = 1 # number
filter_and = null
expiration = {
days = 120 # integer > 0
}
noncurrent_version_expiration = {
newer_noncurrent_versions = 3 # integer > 0
noncurrent_days = 60 # integer >= 0
}
transition = [{
days = 30 # integer >= 0
storage_class = "STANDARD_IA" # string/enum, one of GLACIER, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, DEEP_ARCHIVE, GLACIER_IR.
},
{
days = 60 # integer >= 0
storage_class = "ONEZONE_IA" # string/enum, one of GLACIER, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, DEEP_ARCHIVE, GLACIER_IR.
}]
noncurrent_version_transition = [{
newer_noncurrent_versions = 3 # integer >= 0
noncurrent_days = 30 # integer >= 0
storage_class = "ONEZONE_IA" # string/enum, one of GLACIER, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, DEEP_ARCHIVE, GLACIER_IR.
}]
}
}
module "log_storage" {
source = "cloudposse/s3-log-storage/aws"
# Cloud Posse recommends pinning every module to a specific version
# version = "x.x.x"
name = "logs"
stage = "test"
namespace = "eg"
versioning_enabled = true
lifecycle_configuration_rules = [var.lifecycle_configuration_rule]
}
```
include:
- docs/targets.md
- docs/terraform.md
contributors: []