- common

- add bucket_policy_disabled to not apply a default policy if desired to do the policy differently
terraform-modules · Oct 6, 2022 · b1018f3 · b1018f3
1 parent 62d3a67
commit b1018f3
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -149,3 +149,7 @@ This works with the Terraform AWS provider 4.x, released 2022-02.
 * 3.3.3 -- 2022-09-21
    - common
      - change aws_s3_bucket_versioning default if disabled to Suspended
+
+* 3.3.4 -- 2022-10-06
+  - common
+    - add bucket_policy_disabled to not apply a default policy if desired to do the policy differently
diff --git a/common/resources.tf b/common/resources.tf
@@ -175,6 +175,7 @@ data "aws_iam_policy_document" "this" {
 # apply policy to bucket and public access block policy to bucket
 #---
 resource "aws_s3_bucket_policy" "policy" {
+  count  = var.bucket_policy_disabled ? 0 : 1
   bucket = aws_s3_bucket.this.bucket
   #  policy     = data.aws_iam_policy_document.this.json
   policy     = data.aws_iam_policy_document.bucket_policy_combined.json

diff --git a/common/variables.s3.tf b/common/variables.s3.tf
@@ -108,3 +108,9 @@ variable "object_lock_enabled" {
   type        = bool
   default     = false
 }
+
+variable "bucket_policy_disable" {
+  description = "Flag to enable or disable the default bucket policy.  This is used for where we need to create the bucket policy outside of the module to prevent cyclical setup"
+  type        = bool
+  default     = false
+}
diff --git a/common/version.tf b/common/version.tf
@@ -1,3 +1,3 @@
 locals {
-  _module_version = "3.3.3"
+  _module_version = "3.3.4"
 }