- add variable versioning_configuration, default to Disabled, but set…

… to Suspended if existing bucket

  - s3-access-logs
  - s3-flow-logs
  - config

CHANGELOG.md

@@ -192,3 +192,9 @@
   - cloudtrail
     - add additional_sqs_names to create more SQS queues and assign to the same SNS
     - output s3, sqs, and sns detail
+
+* 2.1.1 -- 2022-07-12
+  - add variable versioning_configuration, default to Disabled, but set to Suspended if existing bucket
+    - s3-access-logs
+    - s3-flow-logs
+    - config

common/version.tf

@@ -1,3 +1,3 @@
 locals {
-  _module_version = "2.1.0"
+  _module_version = "2.1.1"
 }

config/README.md

@@ -95,6 +95,7 @@ No modules.
 | <a name="input_name"></a> [name](#input\_name) | Config resource name prefix used for all resources | `string` | `""` | no |
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component (efs, s3, ebs, kms, role, policy, security-group). This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
+| <a name="input_versioning_configuration"></a> [versioning\_configuration](#input\_versioning\_configuration) | S3 Versioning Configuration (Enabled, Disabled, Suspended).  To disable, use Suspended if existing bucket and Disabled if new | `string` | `"Disabled"` | no |
 
 ## Outputs
 

config/s3.tf

@@ -65,6 +65,6 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "config" {
 resource "aws_s3_bucket_versioning" "config" {
   bucket = aws_s3_bucket.config.id
   versioning_configuration {
-    status = "Disabled"
+    status = var.versioning_configuration
   }
 }

config/variables.tf

@@ -26,3 +26,9 @@ variable "component_tags" {
   type        = map(map(string))
   default     = { "s3" = {}, "kms" = {}, }
 }
+
+variable "versioning_configuration" {
+  description = "S3 Versioning Configuration (Enabled, Disabled, Suspended).  To disable, use Suspended if existing bucket and Disabled if new"
+  type        = string
+  default     = "Disabled"
+}

s3-access-logs/README.md

@@ -82,6 +82,7 @@ No modules.
 | <a name="input_component_tags"></a> [component\_tags](#input\_component\_tags) | Additional tags for Components (s3, kms, ddb) | `map(map(string))` | <pre>{<br>  "ddb": {},<br>  "kms": {},<br>  "s3": {}<br>}</pre> | no |
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component (efs, s3, ebs, kms, role, policy, security-group). This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
+| <a name="input_versioning_configuration"></a> [versioning\_configuration](#input\_versioning\_configuration) | S3 Versioning Configuration (Enabled, Disabled, Suspended).  To disable, use Suspended if existing bucket and Disabled if new | `string` | `"Disabled"` | no |
 
 ## Outputs
 

s3-access-logs/main.tf

@@ -98,7 +98,7 @@ resource "aws_s3_bucket_public_access_block" "logs" {
 resource "aws_s3_bucket_versioning" "logs" {
   bucket = aws_s3_bucket.logs.id
   versioning_configuration {
-    status = "Disabled"
+    status = var.versioning_configuration
   }
 }
 

s3-access-logs/variables.tf

@@ -16,3 +16,9 @@ variable "component_tags" {
   type        = map(map(string))
   default     = { "s3" = {}, "kms" = {}, "ddb" = {} }
 }
+
+variable "versioning_configuration" {
+  description = "S3 Versioning Configuration (Enabled, Disabled, Suspended).  To disable, use Suspended if existing bucket and Disabled if new"
+  type        = string
+  default     = "Disabled"
+}

s3-flow-logs/README.md

@@ -81,6 +81,7 @@ No modules.
 | <a name="input_component_tags"></a> [component\_tags](#input\_component\_tags) | Additional tags for Components (s3, kms, ddb) | `map(map(string))` | <pre>{<br>  "ddb": {},<br>  "kms": {},<br>  "s3": {}<br>}</pre> | no |
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component (efs, s3, ebs, kms, role, policy, security-group). This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
+| <a name="input_versioning_configuration"></a> [versioning\_configuration](#input\_versioning\_configuration) | S3 Versioning Configuration (Enabled, Disabled, Suspended).  To disable, use Suspended if existing bucket and Disabled if new | `string` | `"Disabled"` | no |
 
 ## Outputs
 

s3-flow-logs/main.tf

@@ -140,6 +140,6 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "flowlogs" {
 resource "aws_s3_bucket_versioning" "flowlogs" {
   bucket = aws_s3_bucket.flowlogs.id
   versioning_configuration {
-    status = "Disabled"
+    status = var.versioning_configuration
   }
 }

s3-flow-logs/variables.tf

@@ -18,3 +18,9 @@ variable "component_tags" {
   type        = map(map(string))
   default     = { "s3" = {}, "kms" = {}, "ddb" = {} }
 }
+
+variable "versioning_configuration" {
+  description = "S3 Versioning Configuration (Enabled, Disabled, Suspended).  To disable, use Suspended if existing bucket and Disabled if new"
+  type        = string
+  default     = "Disabled"
+}