From 93bd3e8cc351f1beb80b4fd2860121a790455c16 Mon Sep 17 00:00:00 2001
From: ashle001
Date: Thu, 1 Oct 2020 15:00:00 -0400
Subject: [PATCH] remove main.tf.bak
---
main.tf.bak | 106 ----------------------------------------------------
1 file changed, 106 deletions(-)
delete mode 100644 main.tf.bak
diff --git a/main.tf.bak b/main.tf.bak
deleted file mode 100644
index 1ffc52b..0000000
--- a/main.tf.bak
+++ /dev/null
@@ -1,106 +0,0 @@
-/* = About =
- * = Usage =
- * module "mybucket" {
- * source = "git@github.e.it.census.gov:terraform-modules/aws-t26-s3.git"
- *
- * bucket_name = "myt26bucket"
- * }
- *
- */
-
-locals {
- enforced_tags = {
- "boc:safeguard" = "title26"
- }
-}
-
-#---
-# s3 bucket
-#---
-resource "aws_s3_bucket" "this" {
- bucket = var.bucket_name
- acl = "private"
-
- force_destroy = true
-
- server_side_encryption_configuration {
- rule {
- apply_server_side_encryption_by_default {
- kms_master_key_id = var.kms_key_id
- sse_algorithm = "aws:kms"
- }
- }
- }
-
- versioning {
- enabled = true
- #enabled = false
- }
-
- logging {
- target_bucket = var.access_log_bucket
- target_prefix = format("%s/%s/", var.access_log_bucket_prefix, var.access_log_bucket)
- }
-
- lifecycle {
- #prevent_destroy = true
- }
-
- tags = merge(
- var.tags,
- local.enforced_tags,
- map("Name", var.bucket_name)
- )
-}
-
-data "aws_iam_policy_document" "this" {
- statement {
- sid = "DenyIncorrectEncryptionHeader"
- effect = "Deny"
- actions = ["s3:PutObject"]
- principals {
- type = "AWS"
- identifiers = ["*"]
- }
- resources = ["${aws_s3_bucket.this.arn}/*"]
- condition {
- test = "StringNotEquals"
- variable = "s3:x-amz-server-side-encryption"
- values = ["aws:kms"]
- }
- }
- statement {
- sid = "DenyUnEncryptedObjectUploads"
- effect = "Deny"
- actions = ["s3:PutObject"]
- principals {
- type = "AWS"
- identifiers = ["*"]
- }
- resources = ["${aws_s3_bucket.this.arn}/*"]
- condition {
- test = "Null"
- variable = "s3:x-amz-server-side-encryption"
- values = ["true"]
- }
- }
-}
-
-resource "null_resource" "s3_create_wait" {
- triggers = {
- bucket = aws_s3_bucket.this.id
- }
- provisioner "local-exec" {
- when = create
- command = "sleep 120"
- }
-}
-
-resource "aws_s3_bucket_object" "this_objects" {
- bucket = aws_s3_bucket.this.id
- count = length(var.bucket_folders)
- key = format("%s/", element(var.bucket_folders, count.index))
- source = "/dev/null"
-
- depends_on = [null_resource.s3_create_wait]
-}