change resource names
Don Badrak committed Jun 22, 2020
1 parent 6bad39b commit ecfd8a4
Showing 1 changed file with 25 additions and 13 deletions.
38 changes: 25 additions & 13 deletions main.tf
@@ -1,3 +1,9 @@
locals {
enforced_tags = {
"boc:safeguard" = "title26"
}
}

#---
# s3 bucket
#---
Expand All @@ -22,7 +28,14 @@ resource "aws_s3_bucket" "this" {
prevent_destroy = true
}

data "aws_iam_policy_document" "t26_s3" {
tags = merge(
var.tags,
local.enforced_tags,
map("Name", var.bucket_name)
)
}

data "aws_iam_policy_document" "this" {
statement {
sid = "DenyIncorrectEncryptionHeader"
effect = "Deny"
Expand All @@ -31,7 +44,7 @@ data "aws_iam_policy_document" "t26_s3" {
type = "AWS"
identifiers = ["*"]
}
resources = ["${aws_s3_bucket.t26.arn}/*"]
resources = ["${aws_s3_bucket.this.arn}/*"]
condition {
test = "StringNotEquals"
variable = "s3:x-amz-server-side-encryption"
Expand All @@ -46,31 +59,30 @@ data "aws_iam_policy_document" "t26_s3" {
type = "AWS"
identifiers = ["*"]
}
resources = ["${aws_s3_bucket.t26.arn}/*"]
resources = ["${aws_s3_bucket.this.arn}/*"]
condition {
test = "Null"
variable = "s3:x-amz-server-side-encryption"
values = ["true"]
values = ["true"]
}
}
}

tags = merge(
var.tags,
local.enforced_tags,
map( "Name", var.bucket_name)
)

resource "null_resource" "s3_create_wait" {
triggers = {
bucket = aws_s3_bucket.this.id
}
provisioner "local-exec" {
when = create
when = create
command = "sleep 120"
}
}

resource "aws_s3_bucket_object" "this_objects" {
bucket = aws_s3_bucket.this.id
count = length(var.bucket_folders)
key = format("%s/",element(var.bucket_folders,count.index))
key = format("%s/", element(var.bucket_folders, count.index))
source = "/dev/null"

depends_on [aws_s3_bucket.this]
depends_on = [aws_s3_bucket.this]
}
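Review bot: The folder objects in `aws_s3_bucket_object.this_objects` are created without a `server_side_encryption` argument, while the policy document in the same file denies requests where `s3:x-amz-server-side-encryption` is missing or does not match the expected value. If that policy is attached to this bucket (the attachment and the statements' actions are outside the visible hunks), these uploads are either rejected or succeed only because they run before the policy exists, since `depends_on` names the bucket alone. Set the header on the resource, e.g. `server_side_encryption = "<value the policy requires>"`, and include the policy attachment in `depends_on` so the ordering is deterministic. Separately, `map("Name", var.bucket_name)` relies on a deprecated function; `{ Name = var.bucket_name }` is the current form.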
