Merge pull request #1 from subhamay-bhattacharyya/feature/SB-0001-ini…

…tial-release

Initial Release: Setup Terraform AWS S3 Module

CHANGELOG.md

@@ -0,0 +1,8 @@
+# Changelog
+
+## [1.0.0] - 2024-11-12
+### Added
+- Initial release of the Terraform AWS S3 module.
+- Create an S3 bucket with versioning, encryption, and lifecycle rules.
+- Configure bucket policies and apply bucket ACLs.
+- Tag the S3 bucket.

README.md

@@ -1,2 +1,82 @@
-# terraform-aws-s3
-Private Terraform Registry Module - S3
+![](https://img.shields.io/github/commit-activity/t/subhamay-bhattacharyya/terraform-aws-s3) ![](https://img.shields.io/github/last-commit/subhamay-bhattacharyya/terraform-aws-s3) ![](https://img.shields.io/github/release-date/subhamay-bhattacharyya/terraform-aws-s3) ![](https://img.shields.io/github/repo-size/subhamay-bhattacharyya/terraform-aws-s3) ![](https://img.shields.io/github/directory-file-count/subhamay-bhattacharyya/terraform-aws-s3) [](https://img.shields.io/github/issues/subhamay-bhattacharyya/terraform-aws-s3) ![](https://img.shields.io/github/languages/top/subhamay-bhattacharyya/terraform-aws-s3) ![](https://img.shields.io/github/commit-activity/m/subhamay-bhattacharyya/terraform-aws-s3) ![](https://img.shields.io/endpoint?url=https://gist.githubusercontent.com/bsubhamay/4689677f7b4d68f0777a3b3959bbd04f/raw/terraform-aws-s3.json?)
+
+# Terraform AWS S3 Module
+
+This Terraform module creates an S3 bucket on AWS with various configurations.
+
+## Usage
+
+```hcl
+module "s3_bucket" {
+  source  = "app.terraform.io/subhamay-bhattacharyya/s3-bucket/aws"
+  version = "1.0.0"
+
+  aws-region               = "us-east-1"
+  project-name             = "your-project-name"
+  environment-name         = "devl"
+  bucket-base-name         = "your-bucket-base-name"
+  versioning-enabled       = true
+  sse-algorithm            = "AES256"
+  kms-master-key-id        = null
+  s3-lifecycle-rules       = null
+  bucket-policy-json       = null
+  s3-tags                  = null
+  ci-build                 = "your-ci-build-string"
+}
+```
+
+#### Note
+
+- To use default encryption pass `null` or `AES256` for sse-algorithm and `null` for `kms-master-key-id`
+- To use SSE-KMS encryption pass `aws:kms` for sse-algorithm and kms key arn `kms-master-key-id`
+- To create a bucket without any lifecycle rule pass `null` for `s3-lifecycle-rules`
+- To create or update a bucket without versioning enabled pass `false` for `versioning-enabled`
+- To add custom bucket tags pass a map as Key, Value pairs.
+- To create or update a bucket with bucket policy pass `bucket-policy-json` with `data.aws_iam_policy_document.s3_bucket_policy.json` and define the policy in the data block as
+
+```hcl
+data "aws_caller_identity" "current" {}
+data "aws_iam_policy_document" "s3_bucket_policy" {
+  statement {
+    principals {
+      type        = "AWS"
+      identifiers = [data.aws_caller_identity.current.account_id]
+    }
+
+    actions = [
+      "s3:GetObject",
+      "s3:ListBucket",
+    ]
+
+    resources = [
+      "arn:aws:s3:::${var.project-name}-${var.bucket-base-name}-${var.environment-name}-${var.aws-region}${var.ci-build}",
+      "arn:aws:s3:::${var.project-name}-${var.bucket-base-name}-${var.environment-name}-${var.aws-region}${var.ci-build}/*",
+    ]
+  }
+}
+```
+
+## Inputs
+
+| Name               | Description                                                     | Type        | Default  | Required |
+| ------------------ | --------------------------------------------------------------- | ----------- | -------- | -------- |
+| bucket-base-name   | The name of the S3 bucket                                       | string      | n/a      | yes      |
+| versioning-enabled | Whether versioning is enabled for the S3 bucket                 | bool        | true     | no       |
+| encryption-enabled | Whether server-side encryption is enabled for the S3 bucket     | bool        | true     | no       |
+| kms-master-key-id  | The AWS KMS master key ID used for the SSE-KMS encryption       | string      | n/a      | no       |
+| sse-algorithm      | The server-side encryption algorithm to use (AES256 or aws:kms) | string      | "AES256" | no       |
+| s3-lifecycle-rules | A list of lifecycle rules for the S3 bucket                     | map(object) | {}       | no       |
+| bucket-policy-json | The JSON policy to apply to the S3 bucket                       | string      | n/a      | no       |
+| s3-tags            | S3 Bucket tags                                                  | map(string) | {}       | no       |
+| ci-build           | CI build identifier                                             | string      | n/a      | no       |
+
+## Outputs
+
+| Name                        | Description                               |
+| --------------------------- | ----------------------------------------- |
+| bucket-arn                  | The ARN of the S3 bucket                  |
+| bucket-name                 | The name of the S3 bucket                 |
+| bucket-region               | The region of the S3 bucket               |
+| bucket-domain-name          | The domain name of the S3 bucket          |
+| bucket-regional-domain-name | The regional domain name of the S3 bucket |
+| tags-all                    | All tags assigned to the S3 bucket        |

VERSION

@@ -0,0 +1,19 @@
+# Version 1.0.0
+
+Initial release of the Terraform AWS S3 module.
+Version: 1.0.0
+Author: Subhamay Bhattacharyya
+Created: 12-Nov-2024
+Updated: 12-Nov-2024 09:44
+Description: This module creates an S3 bucket with versioning, encryption, and storage using Terraform.
+
+
+## Features
+- Create an S3 bucket
+- Enable versioning
+- Configure bucket policies
+- Enable server-side encryption
+- Configure lifecycle rules
+- Apply bucket ACLs
+- Tag the S3 bucket
+

main.tf

@@ -0,0 +1,83 @@
+/*
+####################################################################################################
+# Terraform S3 Bucket Configuration
+#
+# Description: This module creates an S3 bucket with versioning, encryption, lifecycle rules,
+#              and bucket policy using Terraform.
+#
+# Author: Subhamay Bhattacharyya
+# Created: 11-Nov-2024  Updated: 12-Nov-2024  9:44
+# Version: 1.0
+#
+####################################################################################################
+*/
+
+# --- S3 Bucket 
+resource "aws_s3_bucket" "s3_bucket" {
+  bucket        = local.s3-bucket-name
+  force_destroy = false
+
+  tags = var.s3-tags == null ? {} : var.s3-tags
+}
+
+# ---  Bucket Versioning
+resource "aws_s3_bucket_versioning" "s3_bucket_versioning" {
+  bucket = aws_s3_bucket.s3_bucket.id
+  versioning_configuration {
+    status = var.versioning-enabled ? "Enabled" : "Suspended"
+  }
+}
+
+# ---  Bucket Server-Side Encryption
+resource "aws_s3_bucket_server_side_encryption_configuration" "s3_bucket_sse_configuration" {
+  # count  = var.sse-algorithm != null ? 1 : 0
+  bucket = aws_s3_bucket.s3_bucket.id
+
+  rule {
+    apply_server_side_encryption_by_default {
+      kms_master_key_id = var.sse-algorithm == "aws:kms" ? var.kms-master-key-id : null
+      sse_algorithm     = var.sse-algorithm # AES256 , "aws:kms"
+    }
+    bucket_key_enabled = true
+  }
+}
+
+# ---  Bucket Lifecycle Configuration
+resource "aws_s3_bucket_lifecycle_configuration" "s3_bucket_lifecycle_configuration" {
+  count  = var.s3-lifecycle-rules != null ? 1 : 0
+  bucket = aws_s3_bucket.s3_bucket.id
+
+  dynamic "rule" {
+    for_each = var.s3-lifecycle-rules
+    content {
+      id = rule.key
+      filter {
+        and {
+          prefix = rule.value.prefix
+          tags   = rule.value.tags
+        }
+      }
+      status = rule.value.enabled ? "Enabled" : "Disabled"
+
+      dynamic "transition" {
+        for_each = rule.value.transition
+        content {
+          days          = transition.value.days
+          storage_class = transition.value.storage_class
+        }
+
+      }
+
+      expiration {
+        days = rule.value.expiration_days
+      }
+    }
+  }
+}
+
+# Bucket Policy
+resource "aws_s3_bucket_policy" "s3_bucket_policy" {
+  count  = var.bucket-policy-json != null ? 1 : 0
+  bucket = aws_s3_bucket.s3_bucket.id
+  policy = var.bucket-policy-json
+}

outputs.tf

@@ -0,0 +1,44 @@
+/*
+###################################################################################################
+# Terraform Outputs Configuration
+#
+# Description: This module creates an S3 bucket with versioning, encryption, lifecycle rules,
+#              and bucket policy using Terraform.
+#
+# Author: Subhamay Bhattacharyya
+# Created: 11-Nov-2024  Updated: 12-Nov-2024  9:44
+# Version: 1.0
+#
+####################################################################################################
+*/
+
+
+output "bucket-arn" {
+  description = "The ARN of the S3 bucket"
+  value       = aws_s3_bucket.s3_bucket.arn
+}
+
+output "bucket-name" {
+  description = "The name of the S3 bucket"
+  value       = aws_s3_bucket.s3_bucket.name
+}
+
+output "bucket-region" {
+  description = "The name of the S3 bucket"
+  value       = aws_s3_bucket.s3_bucket.region
+}
+
+output "bucket-domain-name" {
+  description = "The domain name of the S3 bucket"
+  value       = aws_s3_bucket.s3_bucket.bucket_domain_name
+}
+
+output "bucket-regional-domain-name" {
+  description = "The regional domain name of the S3 bucket"
+  value       = aws_s3_bucket.s3_bucket.tags_all
+}
+
+output "tags-all" {
+  description = "The tags of the S3 bucket"
+  value       = aws_s3_bucket.s3_bucket.tags_all
+}