-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbucket_logs.tf
54 lines (45 loc) · 1.25 KB
/
bucket_logs.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# This bucket is shared by both production and staging at present....
# this terraform config is not right in that both staging and prod terraform workspaces currently think
# they control this same bucket. Should prob fix, but it's worked up to now and am not fixing right now.
resource "aws_s3_bucket" "chf-logs" {
force_destroy = false
bucket = "chf-logs"
tags = {
"Role" = "Production"
"S3-Bucket-Name" = "chf-logs"
"Service" = "Systems"
"Type" = "S3"
}
}
# in s3_access_logs/ and cloudfront_access_logs/ prefixes, delete objects after 13 months
resource "aws_s3_bucket_lifecycle_configuration" "chf_logs" {
bucket = "chf-logs"
rule {
id = "expire_s3_access_logs"
status = "Enabled"
filter {
prefix = "s3_access_logs/"
}
expiration {
days = 395
expired_object_delete_marker = false
}
noncurrent_version_expiration {
noncurrent_days = 395
}
}
rule {
id = "expire_cloudfront_access_logs"
status = "Enabled"
filter {
prefix = "cloudfront_access_logs/"
}
expiration {
days = 395
expired_object_delete_marker = false
}
noncurrent_version_expiration {
noncurrent_days = 395
}
}
}