This module creates an S3 bucket suitable for receiving cloudtrail logs from multiple AWS accounts. It implements a configurable log retention policy, which allows you to efficiently manage logs across different storage classes (E.g. glacier) and ultimately expire the data altogether.
| Name | Default | Description | Required |
|---|---|---|---|
name |
`` | Name of the bucket (e.g. log) |
Yes |
accounts |
`` | List of additional account IDs that should be granted access to send cloudtrail logs (e.g. 111111111111) |
No |
namespace |
`` | Namespace (e.g. cp or cloudposse) |
Yes |
stage |
`` | Stage (e.g. prod, dev, staging) |
Yes |
acl |
log-delivery-write |
The canned ACL to apply | No |
policy |
`` | A valid bucket policy JSON document | No |
prefix |
`` | Object key prefix identifying one or more objects to which the lifecycle rule applies | No |
region |
`` | If specified, the AWS region this bucket should reside in. Defaults to region of callee. | No |
force_destroy |
`` | All objects will be forcefully deleted from the bucket when bucket destroyed | No |
lifecycle_rule_enabled |
true |
Enable object lifecycle rules on this bucket | No |
versioning_enabled |
false |
Versioning is a means of keeping multiple variants of an object in the same bucket | No |
noncurrent_version_transition_days |
30 |
Number of days to persist in the standard storage tier before moving to the glacier tier | No |
noncurrent_version_expiration_days |
90 |
Specifies when noncurrent object versions expire | No |
standard_transition_days |
30 |
Number of days to persist in the standard storage tier before moving to the glacier tier | No |
glacier_transition_days |
60 |
Number of days after which to move the data to the glacier storage tier | No |
expiration_days |
90 |
Number of days after which to expunge the objects | No |