This module creates and manages an S3 bucket that will be used to upload tfvars to, so that they can be shared with other people developing on a Terraform managed project.
Example module usage:
module "aws_tfvars_s3" {
source = "github.com/dxw/terraform-aws-tfvars-s3?ref=v0.2.2"
project_name = "my-project"
# enable_s3_bucket_logging = true
# logging_bucket_retention = true
# tfvars_files = {}
}
# Rather than outputting individual attributes from the resources, this module
# outputs the whole resource, so that all attributes can be referenced, eg:
# `local.tfvars_s3_bucket_arn = module.aws_tfvars_s3.aws_s3_bucket_tfvars.arn`
locals {
# Referencing outputs
local.tfvars_s3_bucket = module.aws_tfvars_s3.aws_s3_bucket_tfvars
local.tfvars_kms_key = module.aws_tfvars_s3.aws_kms_key_tfvars
local.tfvars_kms_alias = module.aws_tfvars_s3.aws_kms_alias_tfvars
local.logs_s3_bucket = module.aws_tfvars_s3.aws_s3_bucket_logs
local.logs_kms_key = module.aws_tfvars_s3.aws_kms_key_logs
local.logs_kms_alias = module.aws_tfvars_s3.aws_kms_alias_logs
}| Name | Version |
|---|---|
| terraform | >= 1.5.3 |
| aws | >= 5.9.0 |
| Name | Version |
|---|---|
| aws | 5.47.0 |
| Name | Type |
|---|---|
| aws_kms_alias.tfvars | resource |
| aws_kms_key.tfvars | resource |
| aws_s3_bucket.logs | resource |
| aws_s3_bucket.tfvars | resource |
| aws_s3_bucket_lifecycle_configuration.logs | resource |
| aws_s3_bucket_logging.tfvars | resource |
| aws_s3_bucket_policy.logs | resource |
| aws_s3_bucket_policy.tfvars | resource |
| aws_s3_bucket_public_access_block.logs | resource |
| aws_s3_bucket_public_access_block.tfvars | resource |
| aws_s3_bucket_server_side_encryption_configuration.logs | resource |
| aws_s3_bucket_server_side_encryption_configuration.tfvars | resource |
| aws_s3_bucket_versioning.logs | resource |
| aws_s3_bucket_versioning.tfvars | resource |
| aws_s3_object.tfvar_file | resource |
| aws_caller_identity.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| enable_s3_bucket_logging | Enable S3 bucket logging | bool |
true |
no |
| logging_bucket_retention | Logging bucket retention in days. Set to 0 to keep all logs. | number |
30 |
no |
| project_name | Project name to be used as a prefix for all resources | string |
n/a | yes |
| tfvars_files | Map of objects containing tfvar file paths | map( |
{} |
no |
| tfvars_kms_encryption | Use KMS rather than AES256 encryption for the tfvars bucket | bool |
true |
no |
| tfvars_restrict_access_user_ids | List of AWS User IDs that require access to the tfvars S3 bucket. If left empty, all users within the AWS account will have access | list(string) |
[] |
no |
| Name | Description |
|---|---|
| aws_kms_alias_tfvars | n/a |
| aws_kms_key_tfvars | n/a |
| aws_s3_bucket_logs | n/a |
| aws_s3_bucket_tfvars | n/a |