terrablocks/aws-s3-bucket

Create a secured S3 Bucket

This Terraform module deploys the following services:

  • S3 Bucket

Usage Instructions

Example

module "s3_bucket" {
  source = "github.com/terrablocks/aws-s3-bucket.git" # Always use `ref` to point module to a specific version or hash

  name = "example"
}

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.3.0 |
| aws | >= 5.0.0 |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| apply_ssl_deny_policy | Apply the default SSL deny policy to the S3 bucket. Note: Set this to false if you want to attach your own policy | bool | true | no |
| block_public_acls | Whether to block creation of public ACLs | bool | true | no |
| block_public_policy | Whether to block attaching a bucket policy that makes the entire bucket contents accessible to the public | bool | true | no |
| bucket_key_enabled | Whether to enable bucket-level keys for server-side encryption | bool | true | no |
| disable_versioning | Whether to disable bucket versioning (should only be used when creating or importing resources that correspond to unversioned S3 buckets) | bool | true | no |
| enable_mfa_delete | Enable MFA delete for the S3 bucket | bool | false | no |
| force_destroy | Empty bucket contents before deleting the S3 bucket | bool | true | no |
| ignore_public_acls | Whether to ignore existing public ACLs for the bucket | bool | true | no |
| kms_key | Alias/ARN/ID of the KMS key for S3 SSE encryption | string | "alias/aws/s3" | no |
| mfa | The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device. Note: Required only if enable_mfa_delete is set to true | string | null | no |
| name | Name of the S3 bucket | string | n/a | yes |
| object_lock_enabled | Whether to enable object lock configuration for the bucket. Note: This argument is not supported for all regions or partitions | bool | false | no |
| object_ownership | Specify the object ownership method. Possible values: BucketOwnerPreferred, ObjectWriter or BucketOwnerEnforced | string | "BucketOwnerEnforced" | no |
| restrict_public_buckets | Whether to ignore any existing public bucket policy and make the bucket accessible only to the owner | bool | true | no |
| suspend_versioning | Whether to suspend bucket versioning | bool | false | no |
| tags | Key-value pairs to assign to the S3 bucket | map(any) | {} | no |

Outputs

| Name | Description |
|------|-------------|
| arn | ARN of the S3 bucket |
| hosted_zone_id | Route53 hosted zone ID for the S3 bucket |
| name | Name of the S3 bucket |
| region | Region the S3 bucket is hosted in |
| regional_domain_name | Region-specific domain name of the bucket |
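
The note on apply_ssl_deny_policy says to set it to false when attaching your own policy; the configuration below is an added example (not taken from the module's repository) that does so while keeping a TLS-only deny statement in the replacement policy, wired to the module's arn and name outputs. Assumptions: <TAG_OR_COMMIT_SHA> is a placeholder for a real tag or commit, the bucket name and KMS alias are constructed values, and the deny statement follows the common aws:SecureTransport pattern rather than the module's exact default policy.

```hcl
# Added example; not part of the module's repository.
module "s3_bucket" {
  # Placeholder ref: pin to a reviewed tag or commit hash.
  source = "github.com/terrablocks/aws-s3-bucket.git?ref=<TAG_OR_COMMIT_SHA>"

  name                  = "example-logs"         # constructed bucket name
  kms_key               = "alias/example-s3-cmk" # constructed customer-managed key alias
  disable_versioning    = false                  # do not disable versioning
  force_destroy         = false                  # do not empty the bucket on destroy
  apply_ssl_deny_policy = false                  # module's default policy off; ours is attached below
}

data "aws_iam_policy_document" "bucket" {
  # Keep a TLS-only rule in the custom policy, since the module's
  # default SSL deny policy is no longer applied.
  statement {
    sid       = "DenyInsecureTransport"
    effect    = "Deny"
    actions   = ["s3:*"]
    resources = [module.s3_bucket.arn, "${module.s3_bucket.arn}/*"]

    principals {
      type        = "*"
      identifiers = ["*"]
    }

    condition {
      test     = "Bool"
      variable = "aws:SecureTransport"
      values   = ["false"]
    }
  }

  # Further statements specific to your workload go here.
}

resource "aws_s3_bucket_policy" "this" {
  bucket = module.s3_bucket.name
  policy = data.aws_iam_policy_document.bucket.json
}
```

With block_public_policy left at its default of true, S3 rejects any statement added here that would make the bucket public.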

About

Terraform module to create an S3 bucket with base security features enabled
