Fix for s3 bucket acl & added custom prefix (#95)

dleiva04 · web-flow · commit d651fa52c7a5 · 2023-10-16T16:51:10.000+02:00
* fix s3 bucket acl, add custom prefix

* added s3 acl fix for aws modules
diff --git a/modules/aws-exfiltration-protection/s3.tf b/modules/aws-exfiltration-protection/s3.tf
@@ -13,6 +13,13 @@ resource "aws_s3_bucket_versioning" "versioning" {
   }
 }
 
+resource "aws_s3_bucket_ownership_controls" "state" {
+  bucket = aws_s3_bucket.root_storage_bucket.id
+  rule {
+    object_ownership = "BucketOwnerPreferred"
+  }
+}
+
 resource "aws_s3_bucket_acl" "acl" {
   bucket = aws_s3_bucket.root_storage_bucket.id
   acl    = "private"
diff --git a/modules/aws-workspace-basic/main.tf b/modules/aws-workspace-basic/main.tf
@@ -5,5 +5,5 @@ resource "random_string" "naming" {
 }
 
 locals {
-  prefix = "demo${random_string.naming.result}"
-}
+  prefix = var.prefix != "" ? var.prefix : "demo${random_string.naming.result}"
+}
diff --git a/modules/aws-workspace-basic/s3.tf b/modules/aws-workspace-basic/s3.tf
@@ -13,6 +13,13 @@ resource "aws_s3_bucket_versioning" "versioning" {
   }
 }
 
+resource "aws_s3_bucket_ownership_controls" "state" {
+  bucket = aws_s3_bucket.root_storage_bucket.id
+  rule {
+    object_ownership = "BucketOwnerPreferred"
+  }
+}
+
 resource "aws_s3_bucket_acl" "acl" {
   bucket = aws_s3_bucket.root_storage_bucket.id
   acl    = "private"
diff --git a/modules/aws-workspace-basic/variables.tf b/modules/aws-workspace-basic/variables.tf
@@ -10,4 +10,9 @@ variable "cidr_block" {
 
 variable "region" {
   default = "eu-west-1"
+}
+
+variable "prefix" {
+  default = null
+  description = "Default value is demo"
 }
diff --git a/modules/aws-workspace-with-firewall/s3.tf b/modules/aws-workspace-with-firewall/s3.tf
@@ -30,6 +30,13 @@ resource "aws_s3_bucket_policy" "root_bucket_policy" {
   depends_on = [aws_s3_bucket_public_access_block.root_storage_bucket]
 }
 
+resource "aws_s3_bucket_ownership_controls" "state" {
+  bucket = aws_s3_bucket.root_storage_bucket.id
+  rule {
+    object_ownership = "BucketOwnerPreferred"
+  }
+}
+
 resource "aws_s3_bucket_acl" "root_storage_bucket" {
   bucket     = aws_s3_bucket.root_storage_bucket.id
   acl        = "private"

Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,13 @@ resource "aws_s3_bucket_versioning" "versioning" {`
`13`	`13`	`}`
`14`	`14`	`}`
`15`	`15`
	`16`	`+resource "aws_s3_bucket_ownership_controls" "state" {`
	`17`	`+ bucket = aws_s3_bucket.root_storage_bucket.id`
	`18`	`+ rule {`
	`19`	`+ object_ownership = "BucketOwnerPreferred"`
	`20`	`+ }`
	`21`	`+}`
	`22`	`+`
`16`	`23`	`resource "aws_s3_bucket_acl" "acl" {`
`17`	`24`	`bucket = aws_s3_bucket.root_storage_bucket.id`
`18`	`25`	`acl = "private"`
Original file line number	Diff line number	Diff line change
`@@ -5,5 +5,5 @@ resource "random_string" "naming" {`
`5`	`5`	`}`
`6`	`6`
`7`	`7`	`locals {`
`8`		`- prefix = "demo${random_string.naming.result}"`
`9`		`-}`
	`8`	`+ prefix = var.prefix != "" ? var.prefix : "demo${random_string.naming.result}"`
	`9`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -10,4 +10,9 @@ variable "cidr_block" {`
`10`	`10`
`11`	`11`	`variable "region" {`
`12`	`12`	`default = "eu-west-1"`
	`13`	`+}`
	`14`	`+`
	`15`	`+variable "prefix" {`
	`16`	`+ default = null`
	`17`	`+ description = "Default value is demo"`
`13`	`18`	`}`