flexibleengine_s3_bucket

Provides a S3 bucket resource.

Example Usage

Private Bucket w/ Tags

resource "flexibleengine_s3_bucket" "b" {
  bucket = "my-tf-test-bucket"
  acl    = "private"
}

Static Website Hosting

resource "flexibleengine_s3_bucket" "b" {
  bucket = "s3-website-test.hashicorp.com"
  acl    = "public-read"
  policy = "${file("policy.json")}"

  website {
    index_document = "index.html"
    error_document = "error.html"

    routing_rules = <<EOF
[{
    "Condition": {
        "KeyPrefixEquals": "docs/"
    },
    "Redirect": {
        "ReplaceKeyPrefixWith": "documents/"
    }
}]
EOF
  }
}

Using CORS

resource "flexibleengine_s3_bucket" "b" {
  bucket = "s3-website-test.hashicorp.com"
  acl    = "public-read"

  cors_rule {
    allowed_headers = ["*"]
    allowed_methods = ["PUT", "POST"]
    allowed_origins = ["https://s3-website-test.hashicorp.com"]
    expose_headers  = ["ETag"]
    max_age_seconds = 3000
  }
}

Using versioning

resource "flexibleengine_s3_bucket" "b" {
  bucket = "my-tf-test-bucket"
  acl    = "private"

  versioning {
    enabled = true
  }
}

Enable Logging

resource "flexibleengine_s3_bucket" "log_bucket" {
  bucket = "my-tf-log-bucket"
  acl    = "log-delivery-write"
}

resource "flexibleengine_s3_bucket" "b" {
  bucket = "my-tf-test-bucket"
  acl    = "private"

  logging {
    target_bucket = "${flexibleengine_s3_bucket.log_bucket.id}"
    target_prefix = "log/"
  }
}

Using object lifecycle

resource "flexibleengine_s3_bucket" "bucket" {
  bucket = "my-bucket"
  acl    = "private"

  lifecycle_rule {
    id      = "log"
    enabled = true

    prefix  = "log/"

    expiration {
      days = 90
    }
  }

  lifecycle_rule {
    id      = "tmp"
    prefix  = "tmp/"
    enabled = true

    expiration {
      date = "2016-01-12"
    }
  }
}

resource "flexibleengine_s3_bucket" "versioning_bucket" {
  bucket = "my-versioning-bucket"
  acl    = "private"

  versioning {
    enabled = true
  }

  lifecycle_rule {
    prefix  = "config/"
    enabled = true
  }
}

Argument Reference

The following arguments are supported:

• bucket - (Optional, Forces new resource) The name of the bucket. If omitted, Terraform will assign a random, unique name.
• bucket_prefix - (Optional, Forces new resource) Creates a unique bucket name beginning with the specified prefix. Conflicts with bucket.
• acl - (Optional) The canned ACL to apply. Defaults to "private".
• policy - (Optional) A valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), Terraform may view the policy as constantly changing in a terraform plan. In this case, please make sure you use the verbose/specific version of the policy.
• force_destroy - (Optional, Default:false ) A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable.
• website - (Optional) A website object (documented below).
• cors_rule - (Optional) A rule of Cross-Origin Resource Sharing (documented below).
• versioning - (Optional) A state of versioning (documented below)
• logging - (Optional) A settings of bucket logging (documented below).
• lifecycle_rule - (Optional) A configuration of object lifecycle management (documented below).
• region - (Optional) If specified, the region this bucket should reside in. Otherwise, the region used by the callee.

The website object supports the following:

• index_document - (Required, unless using redirect_all_requests_to) Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.
• error_document - (Optional) An absolute path to the document to return in case of a 4XX error.
• redirect_all_requests_to - (Optional) A hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (http:// or https://) to use when redirecting requests. The default is the protocol that is used in the original request.
• routing_rules - (Optional) A json array containing routing rules describing redirect behavior and when redirects are applied.

The CORS object supports the following:

• allowed_headers (Optional) Specifies which headers are allowed.
• allowed_methods (Required) Specifies which methods are allowed. Can be GET, PUT, POST, DELETE or HEAD.
• allowed_origins (Required) Specifies which origins are allowed.
• expose_headers (Optional) Specifies expose header in the response.
• max_age_seconds (Optional) Specifies time in seconds that browser can cache the response for a preflight request.

The versioning object supports the following:

• enabled - (Optional) Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.
• mfa_delete - (Optional) Enable MFA delete for either Change the versioning state of your bucket or Permanently delete an object version. Default is false.

The logging object supports the following:

• target_bucket - (Required) The name of the bucket that will receive the log objects.
• target_prefix - (Optional) To specify a key prefix for log objects.

The lifecycle_rule object supports the following:

• id - (Optional) Unique identifier for the rule.
• prefix - (Optional) Object key prefix identifying one or more objects to which the rule applies.
• enabled - (Required) Specifies lifecycle rule status.
• abort_incomplete_multipart_upload_days (Optional) Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.
• expiration - (Optional) Specifies a period in the object's expire (documented below).
• noncurrent_version_expiration - (Optional) Specifies when noncurrent object versions expire (documented below).

At least one of expiration, noncurrent_version_expiration must be specified.

The expiration object supports the following

• date (Optional) Specifies the date after which you want the corresponding action to take effect.
• days (Optional) Specifies the number of days after object creation when the specific rule action takes effect.
• expired_object_delete_marker (Optional) On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers.

The noncurrent_version_expiration object supports the following

• days (Required) Specifies the number of days an object is noncurrent object versions expire.

The rules object supports the following:

• id - (Optional) Unique identifier for the rule.
• destination - (Required) Specifies the destination for the rule (documented below).
• prefix - (Required) Object keyname prefix identifying one or more objects to which the rule applies. Set as an empty string to replicate the whole bucket.
• status - (Required) The status of the rule. Either Enabled or Disabled. The rule is ignored if status is not Enabled.

The destination object supports the following:

• bucket - (Required) The ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.
• storage_class - (Optional) The class of storage used to store the object.

Attributes Reference

The following attributes are exported:

• id - The name of the bucket.
• arn - The ARN of the bucket. Will be of format arn:aws:s3:::bucketname.
• bucket_domain_name - The bucket domain name. Will be of format bucketname.s3.amazonaws.com.
• hosted_zone_id - The Route 53 Hosted Zone ID for this bucket's region.
• region - The region this bucket resides in.
• website_endpoint - The website endpoint, if the bucket is configured with a website. If not, this will be an empty string.
• website_domain - The domain of the website endpoint, if the bucket is configured with a website. If not, this will be an empty string. This is used to create Route 53 alias records.

Import

S3 bucket can be imported using the bucket, e.g.

$ terraform import flexibleengine_s3_bucket.bucket bucket-name