feat: switch to public s3 module

LambdaLayer/README.md

@@ -18,7 +18,7 @@ See https://docs.aws.amazon.com/lambda/latest/dg/packaging-layers.html
 
 | Name | Version |
 |------|---------|
-| aws | 5.100.0 |
+| aws | 6.32.0 |
 | random | 3.8.1 |
 
 ## Modules
@@ -26,7 +26,7 @@ See https://docs.aws.amazon.com/lambda/latest/dg/packaging-layers.html
 | Name | Source | Version |
 |------|--------|---------|
 | lambda\_archive | ../modules/compute/LambdaZipBuilder | n/a |
-| s3 | ../modules/storage/s3_bucket_2023 | n/a |
+| s3 | terraform-aws-modules/s3-bucket/aws | 5.10.0 |
 
 ## Resources
 

LambdaLayer/main.tf

@@ -14,14 +14,14 @@ module "lambda_archive" {
 
   pip_packages         = "pandas numpy pytz openpyxl"
   upload_archive_to_s3 = true
-  s3_bucket_name       = module.s3.bucket_name
+  s3_bucket_name       = module.s3.s3_bucket_id
   pip_path             = "/my/work/xpk-git/venv314/bin/pip3"
 }
 
 # create lambda layer
 resource "aws_lambda_layer_version" "pandas" {
   description         = "Python packages pandas numpy pytz openpyxl"
-  s3_bucket           = module.s3.bucket_name
+  s3_bucket           = module.s3.s3_bucket_id
   s3_key              = module.lambda_archive.s3_object_key
   source_code_hash    = module.lambda_archive.s3_object_hash
   layer_name          = "py_packages"
@@ -30,13 +30,24 @@ resource "aws_lambda_layer_version" "pandas" {
 
 # s3 bucket required for uploading python package zip
 module "s3" {
-  source                  = "../modules/storage/s3_bucket_2023"
-  bucket_name             = "lab-lambdalayer-${random_uuid.this.result}"
-  bucket_force_destroy    = true
-  enable_bucket_logging   = false
-  enable_bucket_lifecycle = false
-  enable_versioning       = false
-  enable_encryption       = true
+  source  = "terraform-aws-modules/s3-bucket/aws"
+  version = "5.10.0"
+
+  bucket = "lab-lambdalayer-${random_uuid.this.result}"
+
+  server_side_encryption_configuration = {
+    rule = {
+      bucket_key_enabled = true
+      apply_server_side_encryption_by_default = {
+        sse_algorithm     = "aws:kms"
+        kms_master_key_id = "alias/aws/s3"
+      }
+    }
+  }
+
+  attach_deny_insecure_transport_policy = true
+  block_public_policy                   = true
+  force_destroy                         = true
 }
 
 resource "random_uuid" "this" {}