|
|
@@ -1,7 +1,7 @@
|
|
|
locals {
|
|
|
- bucket_name = "xdr-${ var.splunk_prefix }-${ var.environment }-splunk-frozen"
|
|
|
- accounts = [ var.aws_account_id ]
|
|
|
- account_arns = [ for a in local.accounts: "arn:${var.aws_partition}:iam::${a}:root" ]
|
|
|
+ bucket_name = "xdr-${var.splunk_prefix}-${var.environment}-splunk-frozen"
|
|
|
+ accounts = [var.aws_account_id]
|
|
|
+ account_arns = [for a in local.accounts : "arn:${var.aws_partition}:iam::${a}:root"]
|
|
|
}
|
|
|
|
|
|
resource "aws_s3_bucket" "bucket" {
|
|
|
@@ -26,12 +26,16 @@ resource "aws_s3_bucket" "bucket" {
|
|
|
abort_incomplete_multipart_upload_days = 2
|
|
|
|
|
|
transition {
|
|
|
- days = 3
|
|
|
+ days = 30
|
|
|
storage_class = "GLACIER"
|
|
|
+ ### Cheaper storage
|
|
|
+ #storage_class= "DEEP_ARCHIVE"
|
|
|
}
|
|
|
|
|
|
expiration {
|
|
|
- days = 365
|
|
|
+ # Discard after 18 months per OMB memo
|
|
|
+ # 18 months in days is 547, rounding up to 550
|
|
|
+ days = 550
|
|
|
}
|
|
|
}
|
|
|
|
|
|
@@ -54,7 +58,7 @@ resource "aws_s3_bucket_public_access_block" "public_access_block" {
|
|
|
|
|
|
# Not technically dependent, but prevents a "Conflicting conditional operation" conflict.
|
|
|
# See https://github.com/hashicorp/terraform-provider-aws/issues/7628
|
|
|
- depends_on = [ aws_s3_bucket_policy.policy ]
|
|
|
+ depends_on = [aws_s3_bucket_policy.policy]
|
|
|
}
|
|
|
|
|
|
resource "aws_s3_bucket_policy" "policy" {
|
Colby Williams