diff options
Diffstat (limited to '')
-rw-r--r-- | s3_state/main.tf | 44 | ||||
-rw-r--r-- | s3_state/variables.tf | 6 |
2 files changed, 50 insertions, 0 deletions
diff --git a/s3_state/main.tf b/s3_state/main.tf new file mode 100644 index 0000000..1190892 --- /dev/null +++ b/s3_state/main.tf @@ -0,0 +1,44 @@ +resource "aws_s3_bucket" "state" { + bucket = var.bucket_name + + lifecycle { + prevent_destroy = true + } +} + +resource "aws_s3_bucket_versioning" "default" { + bucket = aws_s3_bucket.state.id + + versioning_configuration { + status = "Enabled" + } +} + +resource "aws_s3_bucket_server_side_encryption_configuration" "default" { + bucket = aws_s3_bucket.state.id + + rule { + apply_server_side_encryption_by_default { + sse_algorithm = "AES256" + } + } +} + +resource "aws_s3_bucket_public_access_block" "default" { + bucket = aws_s3_bucket.state.id + block_public_acls = true + block_public_policy = true + ignore_public_acls = true + restrict_public_buckets = true +} + +resource "aws_dynamodb_table" "locks" { + name = var.dynamodb_table_name + billing_mode = "PAY_PER_REQUEST" + hash_key = "LockID" + + attribute { + name = "LockID" + type = "S" + } +} diff --git a/s3_state/variables.tf b/s3_state/variables.tf new file mode 100644 index 0000000..861b754 --- /dev/null +++ b/s3_state/variables.tf @@ -0,0 +1,6 @@ +variable "bucket_name" { + type = string +} +variable "dynamodb_table_name" { + type = string +} |