Implement Log Storage Bucket #1

Merged
merged 16 commits into from
Sep 15, 2017
9 changes: 9 additions & 0 deletions .gitignore
@@ -0,0 +1,9 @@
# Compiled files
*.tfstate
*.tfstate.backup
*.lock.info

# Module directory
.terraform/

.idea
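Review bot: the "# Compiled files" heading over `*.tfstate` and `*.tfstate.backup` is misleading, since these are Terraform state files rather than build output, and state records resource attributes in plain text; rename the heading so the reason they must stay out of the repository is clear. The trailing `.idea` entry would also read better with its own heading and a trailing slash, matching `.terraform/`.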
2 changes: 1 addition & 1 deletion LICENSE
Expand Up @@ -186,7 +186,7 @@
same "printed page" as the copyright notice for easier
identification within third-party archives.

Copyright {yyyy} {name of copyright owner}
Copyright 2017 Cloud Posse, LLC

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
49 changes: 49 additions & 0 deletions README.md
@@ -0,0 +1,49 @@
# tf_log_storage

This module creates an S3 bucket suitable for receiving logs from other AWS services such as S3, CloudFront, and CloudTrails, which generate an enormous amount of log data. It implements a configurable log retention policy, which allows you to efficiently manage logs across different storage classes (E.g. glacier) and ultimately expire the data altogether.


## Usage

```terraform
module "log_storage" {
source = "git::https://github.com/cloudposse/tf_log_storage.git?ref=master"
name = "${var.name}"
stage = "${var.stage}"
namespace = "${var.namespace}"
acl = "${var.acl}"
prefix = "${var.prefix}"
standard_transition_days = "${var.standard_transition_days}"
glacier_transition_days = "${var.glacier_transition_days}"
expiration_days = "${var.expiration_days}"
}
```


## Variables
| Name | Default | Description | Required |
|:------------------------------------|:-------------------:|:----------------------------------------------------------------------------------------|:--------:|
| `namespace` | `` | Namespace (e.g. `cp` or `cloudposse`) | Yes |
| `stage` | `` | Stage (e.g. `prod`, `dev`, `staging`) | Yes |
| `name` | `` | Name (e.g. `log`) | Yes |
| `acl` | `log-delivery-write`| The canned ACL to apply | No |
| `policy` | `` | A valid bucket policy JSON document | No |
| `prefix` | `` | Object key prefix identifying one or more objects to which the lifecycle rule applies | No |
| `region` | `` | If specified, the AWS region this bucket should reside in. Defaults to region of callee.| No |
| `force_destroy` | `` | All objects will be forcefully deleted from the bucket when bucket destroyed | No |
| `lifecycle_rule_enabled` | `true` | Enable object lifecycle rules on this bucket | No |
| `versioning_enabled` | `false` | Versioning is a means of keeping multiple variants of an object in the same bucket | No |
| `noncurrent_version_transition_days`| `30` | Number of days to persist in the standard storage tier before moving to the glacier tier| No |
| `noncurrent_version_expiration_days`| `90` | Specifies when noncurrent object versions expire | No |
| `standard_transition_days` | `30` | Number of days to persist in the standard storage tier before moving to the glacier tier| No |

@osterman this should be "Number of days to persist in the standard storage tier before moving to the glacier tier infrequent access tier"

| `glacier_transition_days` | `60` | Number of days after which to move the data to the glacier storage tier | No |
| `expiration_days` | `90` | Number of days after which to expunge the objects | No |

## Outputs

| Name | Description |
|:----------------------|:--------------------------------------|
| `bucket_domain_name` | FQDN of bucket |
| `bucket_id` | Bucket Name (aka ID) |
| `bucket_arn` | Bucket ARN |
| `prefix` | Prefix configured for lifecycle rules |
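Review bot: the usage example sources the module with `?ref=master`, while `main.tf` in this same change pins `tf_label` to `ref=tags/0.2.0`; show a tagged ref in the example once a release exists so consumers do not track a moving branch. In the variables table, `force_destroy` lists an empty default although `variables.tf` sets `"false"`, the `noncurrent_version_transition_days` row repeats the `standard_transition_days` description, and `tags`, `delimiter` and `attributes` are not listed at all.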
52 changes: 52 additions & 0 deletions main.tf
@@ -0,0 +1,52 @@
module "default_label" {
source = "git::https://github.com/cloudposse/tf_label.git?ref=tags/0.2.0"
namespace = "${var.namespace}"
stage = "${var.stage}"
name = "${var.name}"
delimiter = "${var.delimiter}"
attributes = "${var.attributes}"
tags = "${var.tags}"
}

resource "aws_s3_bucket" "default" {
bucket = "${module.default_label.id}"
acl = "${var.acl}"
region = "${var.region}"
force_destroy = "${var.force_destroy}"
policy = "${var.policy}"

versioning {
enabled = "${var.versioning_enabled}"
}

lifecycle_rule {
id = "${module.default_label.id}"
enabled = "${var.lifecycle_rule_enabled}"

prefix = "${var.prefix}"
tags = "${module.default_label.tags}"

noncurrent_version_expiration {
days = "${var.noncurrent_version_expiration_days}"
}

noncurrent_version_transition {
days = "${var.noncurrent_version_transition_days}"
storage_class = "GLACIER"
}

transition {
days = "${var.standard_transition_days}"
storage_class = "STANDARD_IA"
}

transition {
days = "${var.glacier_transition_days}"
storage_class = "GLACIER"
}

expiration {
days = "${var.expiration_days}"
}
}
}
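Review bot: inside `lifecycle_rule`, the line `tags = "${module.default_label.tags}"` is an object-tag filter in `aws_s3_bucket`, not a label for the rule, so the transitions and expiration would apply only to objects that carry the label's tags, which logs delivered by AWS services will not have. Drop `tags` from the rule and set it on the `aws_s3_bucket` resource itself, which currently has no `tags` argument. Separately, `acl = "${var.acl}"` passes any canned ACL through; for a log bucket it is worth documenting that only `log-delivery-write` or `private` are expected.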
15 changes: 15 additions & 0 deletions output.tf
@@ -0,0 +1,15 @@
output "bucket_domain_name" {
value = "${aws_s3_bucket.default.bucket_domain_name}"
}

output "bucket_id" {
value = "${aws_s3_bucket.default.id}"
}

output "bucket_arn" {
value = "${aws_s3_bucket.default.arn}"
}

output "prefix" {
value = "${var.prefix}"
}
7 changes: 7 additions & 0 deletions test/test.tf
@@ -0,0 +1,7 @@
module "log_storage" {
source = "../"
name = "eg"
stage = "test"
namespace = "example"
versioning_enabled = "true"
}
78 changes: 78 additions & 0 deletions variables.tf
@@ -0,0 +1,78 @@
variable "name" {}

variable "namespace" {}

variable "stage" {}

variable "tags" {
default = {}
}

variable "delimiter" {
default = "-"
}

variable "attributes" {
type = "list"
default = []
}

variable "acl" {
description = "(Optional) The canned ACL to apply. We recommend log-delivery-write for compatibility with AWS services"
default = "log-delivery-write"
}

variable "policy" {
description = "A valid bucket policy JSON document. Note that if the policy document is not specific enough (but still valid), Terraform may view the policy as constantly changing in a terraform plan. In this case, please make sure you use the verbose/specific version of the policy."
default = ""
}

variable "prefix" {
description = "(Optional) Key prefix. Used to manage object lifecycle events."
default = ""
}

variable "region" {
description = "(Optional) If specified, the AWS region this bucket should reside in. Otherwise, the region used by the callee."
default = ""
}

variable "force_destroy" {
description = "(Optional, Default:false ) A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable."
default = "false"
}

variable "lifecycle_rule_enabled" {
description = "(Optional) enable lifecycle events on this bucket"
default = "true"
}

variable "versioning_enabled" {
description = "(Optional) A state of versioning. Versioning is a means of keeping multiple variants of an object in the same bucket."
default = "false"
}

variable "noncurrent_version_expiration_days" {
description = "(Optional) Specifies when noncurrent object versions expire."
default = "90"
}

variable "noncurrent_version_transition_days" {
description = "(Optional) Specifies when noncurrent object versions transitions"
default = "30"
}

variable "standard_transition_days" {
description = "Number of days to persist in the standard storage tier before moving to the glacier tier"

glacier infrequent access

default = "30"
}

variable "glacier_transition_days" {
description = "Number of days after which to move the data to the glacier storage tier"
default = "60"
}

variable "expiration_days" {
description = "Number of days after which to expunge the objects"
default = "90"
}
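Review bot: `name`, `namespace`, `stage`, `tags`, `delimiter` and `attributes` at the top of the file have no `description`, unlike every variable below them; add one to each so the module's inputs are documented where they are declared. The `noncurrent_version_transition_days` description should also name the target tier, since `main.tf` moves noncurrent versions to `GLACIER`, and nothing here states that `standard_transition_days`, `glacier_transition_days` and `expiration_days` are expected to be in increasing order, which the defaults of 30, 60 and 90 only imply.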