From 7679adfee93ccb52b9e97c183141c94b953af26c Mon Sep 17 00:00:00 2001 From: badra001 Date: Tue, 2 Jan 2024 13:09:00 -0500 Subject: [PATCH] update --- s3-config-org/README.md | 147 ---------------------------------------- 1 file changed, 147 deletions(-) delete mode 100644 s3-config-org/README.md diff --git a/s3-config-org/README.md b/s3-config-org/README.md deleted file mode 100644 index 38f3812..0000000 --- a/s3-config-org/README.md +++ /dev/null @@ -1,147 +0,0 @@ -# aws-inf-setup :: s3-config - -This set up the needed components for S3 config bucket. This needs to be in just one region. - -* S3 bucket - -# Usage -Here is a simple example, the one most commonly expected to be used. - -```hcl -module "config" { - source = "git@github.e.it.census.gov:terraform-modules/aws-inf-setup.git//s3-config" -} -``` - -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | n/a | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_s3_bucket.config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource | -| [aws_s3_bucket_public_access_block.config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource | -| [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [account\_alias](#input\_account\_alias) | AWS Account Alias | `string` | `""` | no | -| [account\_id](#input\_account\_id) | AWS Account ID (default will pull from current user) | `string` | `""` | no | -| [bucket\_name](#input\_bucket\_name) | Logging S3 bucket name | `string` | `""` | no | -| [bucket\_name\_prefix](#input\_bucket\_name\_prefix) | Logging S3 bucket prefix, prepended to the AWS account ID and region to make the bucket name. | `string` | `"inf-config"` | no | -| [component\_tags](#input\_component\_tags) | Additional tags for Components (s3, kms) | `map(map(string))` | 
{
  "kms": {},
  "s3": {}
}
| no | -| [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component (efs, s3, ebs, kms, role, policy, security-group). This should be used primarily for common infrastructure things | `map(string)` | `{}` | no | -| [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS). Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [bucket\_arn](#output\_bucket\_arn) | Config S3 bucket ARN | -| [bucket\_id](#output\_bucket\_id) | Config S3 bucket ID | - - -# aws-inf-setup :: s3-config-org - -This set up the needed components for an organization-use S3 config bucket. This will exist in each available region. - -* S3 bucket - -# Usage -Here is a simple example, the one most commonly expected to be used. - -```hcl -module "config_org" { - source = "git@github.e.it.census.gov:terraform-modules/aws-inf-setup.git//s3-config-org" - - access_log_bucket = "my-access-log-bucket" -} -``` - -# Links -* https://cloudyadvice.com/2022/04/14/automated-enterprise-deployment-of-aws-config/ - -## Requirements - -No requirements. - -## Providers - -| Name | Version | -|------|---------| -| [aws](#provider\_aws) | n/a | -| [time](#provider\_time) | n/a | - -## Modules - -No modules. - -## Resources - -| Name | Type | -|------|------| -| [aws_kms_alias.key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_alias) | resource | -| [aws_kms_key.key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource | -| [aws_s3_bucket.config_org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource | -| [aws_s3_bucket_acl.config_org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl) | resource | -| [aws_s3_bucket_logging.config_org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_logging) | resource | -| [aws_s3_bucket_ownership_controls.config_org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls) | resource | -| [aws_s3_bucket_policy.policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource | -| [aws_s3_bucket_public_access_block.config_org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource | -| [aws_s3_bucket_server_side_encryption_configuration.config_org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration) | resource | -| [aws_s3_bucket_versioning.config_org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_versioning) | resource | -| [time_sleep.policy_delay](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource | -| [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_iam_policy_document.bucket_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.empty](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.key_admin](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.key_policy_combined](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_organizations_organization.org](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/organizations_organization) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | -| [aws_regions.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/regions) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [access\_log\_bucket](#input\_access\_log\_bucket) | Server Access Logging Bucket ID | `string` | n/a | yes | -| [access\_log\_bucket\_prefix](#input\_access\_log\_bucket\_prefix) | Server Access Log bucket prefix, to which the Object Logging bucket name will be appended to make the target\_prefix | `string` | `"s3"` | no | -| [account\_alias](#input\_account\_alias) | AWS Account Alias | `string` | `""` | no | -| [account\_id](#input\_account\_id) | AWS Account ID (default will pull from current user) | `string` | `""` | no | -| [bucket\_name](#input\_bucket\_name) | Organization Config S3 bucket name | `string` | `null` | no | -| [bucket\_name\_prefix](#input\_bucket\_name\_prefix) | Organization Config S3 bucket prefix, prepended to the AWS account ID and region to make the bucket name. | `string` | `"inf-org-config"` | no | -| [component\_tags](#input\_component\_tags) | Additional tags for Components (s3, kms) | `map(map(string))` | 
{
  "kms": {},
  "s3": {}
}
| no | -| [key\_name](#input\_key\_name) | Name to apply to Org Logging KMS Key (default: k-inf-org-logging) | `string` | `null` | no | -| [kms\_admin\_roles](#input\_kms\_admin\_roles) | AWS KMS Key administrative role(s) which have full access to the key. The root user is included by default. | `list(string)` | `[]` | no | -| [kms\_policy\_document](#input\_kms\_policy\_document) | AWS KMS Key Policy Document JSON, merged with admin policy document | `string` | `null` | no | -| [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component (efs, s3, ebs, kms, role, policy, security-group). This should be used primarily for common infrastructure things | `map(string)` | `{}` | no | -| [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS). Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [bucket\_arn](#output\_bucket\_arn) | Organization Config S3 bucket ARN | -| [bucket\_id](#output\_bucket\_id) | Organization Config S3 bucket ID | -| [kms\_alias\_name](#output\_kms\_alias\_name) | Organization Config S3 Key Alias name | -| [kms\_key\_arn](#output\_kms\_key\_arn) | Organization Config S3 Key ARN | -| [kms\_key\_id](#output\_kms\_key\_id) | Organization Config S3 Key ID | - \ No newline at end of file