diff --git a/CHANGELOG.md b/CHANGELOG.md
index c80f768..3c70109 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -192,3 +192,9 @@
- cloudtrail
- add additional_sqs_names to create more SQS queues and assign to the same SNS
- output s3, sqs, and sns detail
+
+* 2.1.1 -- 2022-07-12
+ - add variable versioning_configuration, default to Disabled, but set to Suspended if existing bucket
+ - s3-access-logs
+ - s3-flow-logs
+ - config
diff --git a/common/version.tf b/common/version.tf
index 55a44df..2c6176e 100644
--- a/common/version.tf
+++ b/common/version.tf
@@ -1,3 +1,3 @@
locals {
- _module_version = "2.1.0"
+ _module_version = "2.1.1"
}
diff --git a/config/README.md b/config/README.md
index bf15395..9357479 100644
--- a/config/README.md
+++ b/config/README.md
@@ -95,6 +95,7 @@ No modules.
| [name](#input\_name) | Config resource name prefix used for all resources | `string` | `""` | no |
| [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component (efs, s3, ebs, kms, role, policy, security-group). This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
| [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS). Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
+| [versioning\_configuration](#input\_versioning\_configuration) | S3 Versioning Configuration (Enabled, Disabled, Suspended). To disable, use Suspended if existing bucket and Disabled if new | `string` | `"Disabled"` | no |
## Outputs
diff --git a/config/s3.tf b/config/s3.tf
index 2c2f0fb..bcc5722 100644
--- a/config/s3.tf
+++ b/config/s3.tf
@@ -65,6 +65,6 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "config" {
resource "aws_s3_bucket_versioning" "config" {
bucket = aws_s3_bucket.config.id
versioning_configuration {
- status = "Disabled"
+ status = var.versioning_configuration
}
}
diff --git a/config/variables.tf b/config/variables.tf
index 5e288ab..28f6747 100644
--- a/config/variables.tf
+++ b/config/variables.tf
@@ -26,3 +26,9 @@ variable "component_tags" {
type = map(map(string))
default = { "s3" = {}, "kms" = {}, }
}
+
+variable "versioning_configuration" {
+ description = "S3 Versioning Configuration (Enabled, Disabled, Suspended). To disable, use Suspended if existing bucket and Disabled if new"
+ type = string
+ default = "Disabled"
+}
diff --git a/s3-access-logs/README.md b/s3-access-logs/README.md
index ec1e61c..3821e4c 100644
--- a/s3-access-logs/README.md
+++ b/s3-access-logs/README.md
@@ -82,6 +82,7 @@ No modules.
| [component\_tags](#input\_component\_tags) | Additional tags for Components (s3, kms, ddb) | `map(map(string))` | {
"ddb": {},
"kms": {},
"s3": {}
} | no |
| [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component (efs, s3, ebs, kms, role, policy, security-group). This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
| [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS). Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
+| [versioning\_configuration](#input\_versioning\_configuration) | S3 Versioning Configuration (Enabled, Disabled, Suspended). To disable, use Suspended if existing bucket and Disabled if new | `string` | `"Disabled"` | no |
## Outputs
diff --git a/s3-access-logs/main.tf b/s3-access-logs/main.tf
index bfe7304..09e1aa3 100644
--- a/s3-access-logs/main.tf
+++ b/s3-access-logs/main.tf
@@ -98,7 +98,7 @@ resource "aws_s3_bucket_public_access_block" "logs" {
resource "aws_s3_bucket_versioning" "logs" {
bucket = aws_s3_bucket.logs.id
versioning_configuration {
- status = "Disabled"
+ status = var.versioning_configuration
}
}
diff --git a/s3-access-logs/variables.tf b/s3-access-logs/variables.tf
index 2589730..79f37f4 100644
--- a/s3-access-logs/variables.tf
+++ b/s3-access-logs/variables.tf
@@ -16,3 +16,9 @@ variable "component_tags" {
type = map(map(string))
default = { "s3" = {}, "kms" = {}, "ddb" = {} }
}
+
+variable "versioning_configuration" {
+ description = "S3 Versioning Configuration (Enabled, Disabled, Suspended). To disable, use Suspended if existing bucket and Disabled if new"
+ type = string
+ default = "Disabled"
+}
diff --git a/s3-flow-logs/README.md b/s3-flow-logs/README.md
index f30f5c7..e5be2eb 100644
--- a/s3-flow-logs/README.md
+++ b/s3-flow-logs/README.md
@@ -81,6 +81,7 @@ No modules.
| [component\_tags](#input\_component\_tags) | Additional tags for Components (s3, kms, ddb) | `map(map(string))` | {
"ddb": {},
"kms": {},
"s3": {}
} | no |
| [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component (efs, s3, ebs, kms, role, policy, security-group). This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
| [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS). Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
+| [versioning\_configuration](#input\_versioning\_configuration) | S3 Versioning Configuration (Enabled, Disabled, Suspended). To disable, use Suspended if existing bucket and Disabled if new | `string` | `"Disabled"` | no |
## Outputs
diff --git a/s3-flow-logs/main.tf b/s3-flow-logs/main.tf
index c7febd1..451ddc4 100644
--- a/s3-flow-logs/main.tf
+++ b/s3-flow-logs/main.tf
@@ -140,6 +140,6 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "flowlogs" {
resource "aws_s3_bucket_versioning" "flowlogs" {
bucket = aws_s3_bucket.flowlogs.id
versioning_configuration {
- status = "Disabled"
+ status = var.versioning_configuration
}
}
diff --git a/s3-flow-logs/variables.tf b/s3-flow-logs/variables.tf
index e27308d..c694051 100644
--- a/s3-flow-logs/variables.tf
+++ b/s3-flow-logs/variables.tf
@@ -18,3 +18,9 @@ variable "component_tags" {
type = map(map(string))
default = { "s3" = {}, "kms" = {}, "ddb" = {} }
}
+
+variable "versioning_configuration" {
+ description = "S3 Versioning Configuration (Enabled, Disabled, Suspended). To disable, use Suspended if existing bucket and Disabled if new"
+ type = string
+ default = "Disabled"
+}