- terraform-tate

- add bucket_key_enabled (false) to enable bucket keys
terraform-modules · Jun 23, 2023 · 5ed2ea1 · 5ed2ea1
1 parent b672aa5
commit 5ed2ea1
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -268,3 +268,7 @@
 * 2.4.2 -- 2023-05-22
   - iam-general-policies
     - update cloudforms_ami to empty in EW (as we have no keys defined)
+
+* 2.4.3 -- 2023-06-23
+  - terraform-tate
+    - add bucket_key_enabled (false) to enable bucket keys
diff --git a/common/version.tf b/common/version.tf
@@ -1,3 +1,3 @@
 locals {
-  _module_version = "2.4.2"
+  _module_version = "2.4.3"
 }
diff --git a/terraform-state/README.md b/terraform-state/README.md
@@ -103,6 +103,7 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | <a name="input_account_alias"></a> [account\_alias](#input\_account\_alias) | AWS Account Alias | `string` | `""` | no |
 | <a name="input_account_id"></a> [account\_id](#input\_account\_id) | AWS Account ID (default will pull from current user) | `string` | `""` | no |
+| <a name="input_bucket_key_enabled"></a> [bucket\_key\_enabled](#input\_bucket\_key\_enabled) | Enable or disable the use of S3 Bucket Keys (see AWS documetnation at https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-key.html). | `bool` | `false` | no |
 | <a name="input_component_tags"></a> [component\_tags](#input\_component\_tags) | Additional tags for Components (s3, kms, ddb) | `map(map(string))` | <pre>{<br>  "ddb": {},<br>  "kms": {},<br>  "s3": {}<br>}</pre> | no |
 | <a name="input_kms_tfstate_key"></a> [kms\_tfstate\_key](#input\_kms\_tfstate\_key) | Terraform remote state KMS key alias | `string` | `"k-kms-inf-tfstate"` | no |
 | <a name="input_name"></a> [name](#input\_name) | Name suffix to use for policies, roles and groups (default: inf-terraform) | `string` | `"inf-terraform"` | no |

diff --git a/terraform-state/main.tf b/terraform-state/main.tf
@@ -147,6 +147,7 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "tfstate" {
       sse_algorithm     = "aws:kms"
     }
   }
+  bucket_key_enabled = var.bucket_key_enabled
 }
 
 resource "aws_s3_bucket_ownership_controls" "tfstate" {

diff --git a/terraform-state/variables.tf b/terraform-state/variables.tf
@@ -54,3 +54,9 @@ variable "name" {
   type        = string
   default     = "inf-terraform"
 }
+
+variable "bucket_key_enabled" {
+  description = "Enable or disable the use of S3 Bucket Keys (see AWS documetnation at https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-key.html)."
+  type        = bool
+  default     = false
+}