feat: updates on eks example, cmk, and s3bucket

2026-03-31 07:59:05 +08:00
parent b74aeac165
commit c8eba9a6f8
9 changed files with 424 additions and 2 deletions
@@ -0,0 +1,127 @@
+variable "bucket_name" {
+  type        = string
+  description = "Name of bucket"
+}
+
+variable "bucket_policy_json" {
+  type        = string
+  default     = "{}"
+  description = "Json-encoded bucket policy. The AllowSSLRequestsOnly policy is merged with this input."
+}
+
+variable "current_version_expiration_days" {
+  type        = number
+  default     = 2560
+  description = "731 for flowlogs"
+}
+
+variable "noncurrent_version_expiration_days" {
+  type        = number
+  default     = 2560
+  description = "731 for flowlogs"
+}
+
+variable "enable_bucket_logging" {
+  type        = bool
+  description = "Enable bucket logging"
+}
+variable "logging_bucket_id" {
+  type        = string
+  default     = null
+  description = "Logging bucket id"
+}
+variable "enable_encryption" {
+  type        = bool
+  description = "Enable encryption for s3 bucket"
+}
+variable "encryption_key_arn" {
+  type        = string
+  default     = ""
+  description = "Leave blank to use AES256"
+}
+variable "enable_versioning" {
+  type        = bool
+  description = "Enable s3 bucket versioning"
+}
+variable "enable_bucket_lifecycle" {
+  type        = bool
+  description = "Enable s3 bucket lifecycle"
+}
+
+variable "enable_replication" {
+  type        = bool
+  default     = false
+  description = "Enable s3 bucket replication"
+}
+
+variable "replication_role_arn" {
+  type        = string
+  default     = null
+  description = "IAM role of s3 bucket replication"
+}
+
+variable "replication_dest_bucket_name" {
+  type        = string
+  default     = null
+  description = "Replica bucket name"
+}
+
+variable "replication_destination_aws_account_id" {
+  type        = number
+  default     = null
+  description = "AWS account id of replica bucket"
+}
+
+variable "replication_destination_kms_key_arn" {
+  type        = string
+  default     = null
+  description = "KMS key ARN of destination bucket"
+}
+
+variable "enable_intelligent_tiering" {
+  type        = bool
+  default     = false
+  description = "Enable intelligent tiering"
+}
+
+variable "current-version-archive-tier" {
+  type        = string
+  description = "Current version archive storage class. Valid values are GLACIER, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, DEEP_ARCHIVE, GLACIER_IR"
+  default     = null
+}
+
+variable "noncurrent-version-archive-tier" {
+  type        = string
+  description = "Non-current version archive storage class. Valid values are GLACIER, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, DEEP_ARCHIVE, GLACIER_IR"
+  default     = "GLACIER"
+}
+
+variable "current-version-transition-days" {
+  type        = number
+  description = "Days to transition current version to archive"
+  default     = 15
+}
+
+variable "noncurrent-version-transition-days" {
+  type        = number
+  description = "Days to transition non-current version to archive"
+  default     = 15
+}
+
+variable "encryption-enable-bucket-key" {
+  type        = bool
+  default     = false
+  description = "Enable bucket key"
+}
+
+variable "bucket-namespace" {
+  type        = string
+  default     = "global"
+  description = "Use global or account-regional namespace. Defaults to global"
+}
+
+variable "force-destroy" {
+  type        = bool
+  default     = true
+  description = "Boolean that indicates all objects should be deleted from the bucket when the bucket is destroyed"
+}