From 6b295c0787126e4cb1ca1444045eda7c02a589c3 Mon Sep 17 00:00:00 2001
From: Cory Walker
Date: Wed, 30 Jun 2021 13:49:51 -0400
Subject: [PATCH 1/3] Propagate the variable enable_s3_public_access_block to allow for use with bootstrap initialization
---
 main.tf | 1 +
 variables.tf | 6 ++++++
 2 files changed, 7 insertions(+)
diff --git a/main.tf b/main.tf
index e6f4576..39d28eb 100644
--- a/main.tf
+++ b/main.tf
@@ -20,6 +20,7 @@ module "terraform_state_bucket" {
 use_account_alias_prefix = false
+ enable_s3_public_access_block = var.enable_s3_public_access_block
 tags = var.state_bucket_tags
 }
diff --git a/variables.tf b/variables.tf
index 91d018e..6e02627 100644
--- a/variables.tf
+++ b/variables.tf
@@ -52,3 +52,9 @@ variable "state_bucket_tags" {
 default = { Automation : "Terraform" }
 description = "Tags to associate with the bucket storing the Terraform state files"
 }
+
+variable "enable_s3_public_access_block" {
+ description = "Bool for toggling whether the s3 public access block resource should be enabled."
+ type = bool
+ default = true
+}
From 3c8376c5326399c12b2eea39bfda1a3b0084fd62 Mon Sep 17 00:00:00 2001
From: Cory Walker
Date: Wed, 30 Jun 2021 13:58:05 -0400
Subject: [PATCH 2/3] Propagate the variable enable_s3_public_access_block to allow for use with bootstrap initialization
---
 main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/main.tf b/main.tf
index 39d28eb..72531cc 100644
--- a/main.tf
+++ b/main.tf
@@ -21,7 +21,7 @@ module "terraform_state_bucket" {
 use_account_alias_prefix = false
 enable_s3_public_access_block = var.enable_s3_public_access_block
- tags = var.state_bucket_tags
+ tags = var.state_bucket_tags
 }
 #
From 0f656e1d77bbdf0007ba2c865ffcaf8be12e6cd7 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Wed, 30 Jun 2021 18:02:54 +0000
Subject: [PATCH 3/3] terraform-docs: automated action
---
 README.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/README.md b/README.md
index a462d32..0f384ec 100644
--- a/README.md
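Review bot: The description of `enable_s3_public_access_block` in the variables.tf hunk of PATCH 1/3 does not say which bucket the toggle affects or what `false` gives up. The main.tf hunk passes the value into `module "terraform_state_bucket"`, so disabling it would leave the Terraform state bucket without the module's public access block resource. State files commonly contain resource attributes and sometimes credentials, so the input should read as an exception, not a general-purpose switch. Something like `description = "Whether to create the S3 public access block on the Terraform state bucket. Leave true unless public access is already blocked for the account by other means."` would carry that. The commit message suggests the toggle is meant for bootstrap in accounts where the block is managed elsewhere; if that is the intent, stating it in the description would let the generated README entry carry the same caveat.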
+++ b/README.md @@ -62,6 +62,7 @@ module "bootstrap" { | [bucket\_purpose](#input\_bucket\_purpose) | Name to identify the bucket's purpose | `string` | `"tf-state"` | no | | [dynamodb\_table\_name](#input\_dynamodb\_table\_name) | Name of the DynamoDB Table for locking Terraform state. | `string` | `"terraform-state-lock"` | no | | [dynamodb\_table\_tags](#input\_dynamodb\_table\_tags) | Tags of the DynamoDB Table for locking Terraform state. | `map(string)` |
{
"Automation": "Terraform",
"Name": "terraform-state-lock"
}
| no | +| [enable\_s3\_public\_access\_block](#input\_enable\_s3\_public\_access\_block) | Bool for toggling whether the s3 public access block resource should be enabled. | `bool` | `true` | no | | [log\_bucket\_versioning](#input\_log\_bucket\_versioning) | Bool for toggling versioning for log bucket | `bool` | `false` | no | | [log\_name](#input\_log\_name) | Log name (for backwards compatibility this can be modified to logs) | `string` | `"log"` | no | | [log\_retention](#input\_log\_retention) | Log retention of access logs of state bucket. | `number` | `90` | no |