aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/s3_state
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--s3_state/main.tf44
-rw-r--r--s3_state/variables.tf6
2 files changed, 50 insertions, 0 deletions
diff --git a/s3_state/main.tf b/s3_state/main.tf
new file mode 100644
index 0000000..1190892
--- /dev/null
+++ b/s3_state/main.tf
@@ -0,0 +1,44 @@
+resource "aws_s3_bucket" "state" {
+ bucket = var.bucket_name
+
+ lifecycle {
+ prevent_destroy = true
+ }
+}
+
+resource "aws_s3_bucket_versioning" "default" {
+ bucket = aws_s3_bucket.state.id
+
+ versioning_configuration {
+ status = "Enabled"
+ }
+}
+
+resource "aws_s3_bucket_server_side_encryption_configuration" "default" {
+ bucket = aws_s3_bucket.state.id
+
+ rule {
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
+ }
+ }
+}
+
+resource "aws_s3_bucket_public_access_block" "default" {
+ bucket = aws_s3_bucket.state.id
+ block_public_acls = true
+ block_public_policy = true
+ ignore_public_acls = true
+ restrict_public_buckets = true
+}
+
+resource "aws_dynamodb_table" "locks" {
+ name = var.dynamodb_table_name
+ billing_mode = "PAY_PER_REQUEST"
+ hash_key = "LockID"
+
+ attribute {
+ name = "LockID"
+ type = "S"
+ }
+}
diff --git a/s3_state/variables.tf b/s3_state/variables.tf
new file mode 100644
index 0000000..861b754
--- /dev/null
+++ b/s3_state/variables.tf
@@ -0,0 +1,6 @@
+variable "bucket_name" {
+ type = string
+}
+variable "dynamodb_table_name" {
+ type = string
+}