diff --git a/README.md b/README.md
index a462d32..0f384ec 100644
--- a/README.md
+++ b/README.md
@@ -62,6 +62,7 @@ module "bootstrap" {
 | [bucket\_purpose](#input\_bucket\_purpose) | Name to identify the bucket's purpose | `string` | `"tf-state"` | no |
 | [dynamodb\_table\_name](#input\_dynamodb\_table\_name) | Name of the DynamoDB Table for locking Terraform state. | `string` | `"terraform-state-lock"` | no |
 | [dynamodb\_table\_tags](#input\_dynamodb\_table\_tags) | Tags of the DynamoDB Table for locking Terraform state. | `map(string)` |
{
"Automation": "Terraform",
"Name": "terraform-state-lock"
}
| no |
+| [enable\_s3\_public\_access\_block](#input\_enable\_s3\_public\_access\_block) | Bool for toggling whether the s3 public access block resource should be enabled. | `bool` | `true` | no |
 | [log\_bucket\_versioning](#input\_log\_bucket\_versioning) | Bool for toggling versioning for log bucket | `bool` | `false` | no |
 | [log\_name](#input\_log\_name) | Log name (for backwards compatibility this can be modified to logs) | `string` | `"log"` | no |
 | [log\_retention](#input\_log\_retention) | Log retention of access logs of state bucket. | `number` | `90` | no |
diff --git a/main.tf b/main.tf
index e6f4576..72531cc 100644
--- a/main.tf
+++ b/main.tf
@@ -20,7 +20,8 @@ module "terraform_state_bucket" {
 use_account_alias_prefix = false
- tags = var.state_bucket_tags
+ enable_s3_public_access_block = var.enable_s3_public_access_block
+ tags = var.state_bucket_tags
 }
 #
diff --git a/variables.tf b/variables.tf
index 91d018e..6e02627 100644
--- a/variables.tf
+++ b/variables.tf
@@ -52,3 +52,9 @@ variable "state_bucket_tags" {
 default = { Automation : "Terraform" }
 description = "Tags to associate with the bucket storing the Terraform state files"
 }
+
+variable "enable_s3_public_access_block" {
+ description = "Bool for toggling whether the s3 public access block resource should be enabled."
+ type = bool
+ default = true
+}
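Review bot: The new `enable_s3_public_access_block` argument in main.tf is wired only into `module "terraform_state_bucket"`, but the variable name does not say which bucket it governs. The README lists log-bucket inputs, so a log bucket is presumably defined outside this hunk, and a reader could assume the toggle covers it as well. A comment above the argument would settle that, e.g. `# Controls the public access block of the state bucket only.` The module block starts before the hunk, so the rest of its arguments are not visible here.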
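Review bot: The description of `enable_s3_public_access_block` in variables.tf does not say what setting it to `false` gives up. The bucket holds Terraform state, which commonly contains secrets and resource identifiers in plain text, and without the public access block a later ACL or bucket-policy change can make those objects publicly readable. Keeping the `true` default is right; I would extend the text to something like `description = "Whether to create the S3 public access block on the state bucket. Leave true unless Block Public Access is enforced at the account level; false allows public ACLs and policies on the bucket holding state."`. A policy-as-code rule that flags `false` for this input would catch accidental overrides in calling configurations.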