vpc-flow-logs-s3-bucket
cloudposse/vpc-flow-logs-s3-bucket/aws
Terraform module to provision s3-backed flow logs for VPC and subnets
Terraform module to create AWS VPC Flow logs backed by S3.

## Introduction

The module will create:

* S3 bucket with server side encryption
* KMS key to encrypt flow logs files in the bucket
* Optional VPC Flow Log backed by the S3 bucket (this can be disabled, e.g. in multi-account environments if you want to create an S3 bucket in one account and VPC Flow Logs in different accounts)

## Usage

For a complete example, see examples/complete.

For automated tests of the complete example using b

| Name | Type | Description | Default |
|---|---|---|---|
| environment | string | ID element. Usually used for region e.g. 'uw2', 'us-west-2', OR role 'prod', 'st | null |
| label_order | list(string) | The order in which the labels (ID elements) appear in the `id`. Defaults to ["na | null |
| lifecycle_rule_enabled | bool | DEPRECATED: Use `lifecycle_configuration_rules` instead. When `true`, configures | null |
| bucket_name | string | Bucket name. If not provided, the bucket will be created with a name generated f | "" |
| access_log_bucket_prefix | string | Prefix to prepend to the current S3 bucket name, where S3 access logs will be se | "logs/" |
| tags | map(string) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`). Neither the tag keys nor the t | {} |
| regex_replace_chars | string | Terraform regular expression (regex) string. Characters matching the regex will | null |
| tenant | string | ID element _(Rarely used, not included by default)_. A customer identifier, indi | null |
| stage | string | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'bu | null |
| traffic_type | string | The type of traffic to capture. Valid values: `ACCEPT`, `REJECT`, `ALL` | "ALL" |
| bucket_notifications_type | string | Type of the notification configuration. Only SQS is supported. | "SQS" |
| object_lock_configuration | object({ mode = string # | A configuration for [S3 object locking](https://docs.aws.amazon.com/AmazonS3/lat | null |
| enabled | bool | Set to false to prevent the module from creating any resources | null |
| bucket_notifications_prefix | string | Prefix filter. Used to manage object notifications | "" |
| vpc_id | string | VPC ID to create flow logs for | null |
| labels_as_tags | set(string) | Set of labels (ID elements) to include as tags in the `tags` output. Default is | ["default"] |
| name | string | ID element. Usually the component or solution name, e.g. 'app' or 'jenkins'. Thi | null |
| delimiter | string | Delimiter to be used between ID elements. Defaults to `-` (hyphen). Set to `""` | null |
| attributes | list(string) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`, | [] |
| force_destroy | bool | A boolean that indicates all objects should be deleted from the bucket so that t | false |
| … and 6 more inputs | | | |

| Name | Description |
|---|---|
| kms_alias_arn | KMS Alias ARN |
| kms_alias_name | KMS Alias name |
| bucket_domain_name | FQDN of bucket |
| bucket_id | Bucket Name (aka ID) |
| bucket_arn | Bucket ARN |
| flow_log_arn | Flow Log ARN |
| bucket_notifications_sqs_queue_arn | Notifications SQS queue ARN |
| kms_key_arn | KMS Key ARN |
| kms_key_id | KMS Key ID |
| bucket_prefix | Bucket prefix configured for lifecycle rules |
| flow_log_id | Flow Log ID |