From e09333e37dbc3ef1006486aff90b325e096ca701 Mon Sep 17 00:00:00 2001 From: javsanbel2 Date: Wed, 22 Jan 2025 11:56:29 +0100 Subject: [PATCH 1/5] Improve versioning --- s3.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/s3.tf b/s3.tf index d79200c..badd0c2 100644 --- a/s3.tf +++ b/s3.tf @@ -87,6 +87,7 @@ resource "aws_s3_bucket_versioning" "apiary_data_bucket_versioning" { resource "aws_s3_bucket_lifecycle_configuration" "apiary_data_bucket_versioning_lifecycle" { for_each = { for schema in local.schemas_info : "${schema["schema_name"]}" => schema + if lookup(schema, "s3_versioning_enabled", "") != "" } bucket = each.value["data_bucket"] # Rule enabled when expiration max days is set From 47d649e066b403ce89aec5bdb657a4900c5efa21 Mon Sep 17 00:00:00 2001 From: javsanbel2 Date: Wed, 22 Jan 2025 11:59:48 +0100 Subject: [PATCH 2/5] add also for bucket vers --- s3.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/s3.tf b/s3.tf index badd0c2..2dd38e2 100644 --- a/s3.tf +++ b/s3.tf @@ -77,6 +77,7 @@ resource "aws_s3_bucket" "apiary_data_bucket" { resource "aws_s3_bucket_versioning" "apiary_data_bucket_versioning" { for_each = { for schema in local.schemas_info : "${schema["schema_name"]}" => schema + if lookup(schema, "s3_versioning_enabled", "") != "" } bucket = each.value["data_bucket"] versioning_configuration { From ba1b33e723d3222af48bd3faaa1e2a92cb559970 Mon Sep 17 00:00:00 2001 From: javsanbel2 Date: Wed, 22 Jan 2025 12:37:00 +0100 Subject: [PATCH 3/5] Upgrade deprecated lifecycle_configuration --- s3.tf | 45 ++++++++++++++++++++------------------------- 1 file changed, 20 insertions(+), 25 deletions(-) diff --git a/s3.tf b/s3.tf index 2dd38e2..7b6036e 100644 --- a/s3.tf +++ b/s3.tf @@ -50,34 +50,11 @@ resource "aws_s3_bucket" "apiary_data_bucket" { target_bucket = local.enable_apiary_s3_log_management ? aws_s3_bucket.apiary_managed_logs_bucket[0].id : var.apiary_log_bucket target_prefix = "${var.apiary_log_prefix}${each.value["data_bucket"]}/" } - - lifecycle_rule { - id = "cost_optimization" - enabled = true - - abort_incomplete_multipart_upload_days = var.s3_lifecycle_abort_incomplete_multipart_upload_days - - dynamic "transition" { - for_each = each.value["s3_object_expiration_days_num"] == "-1" || each.value["s3_lifecycle_policy_transition_period"] < each.value["s3_object_expiration_days_num"] ? [1] : [] - content { - days = each.value["s3_lifecycle_policy_transition_period"] - storage_class = each.value["s3_storage_class"] - } - } - - dynamic "expiration" { - for_each = each.value["s3_object_expiration_days_num"] != "-1" ? [1] : [] - content { - days = each.value["s3_object_expiration_days_num"] - } - } - } } resource "aws_s3_bucket_versioning" "apiary_data_bucket_versioning" { for_each = { for schema in local.schemas_info : "${schema["schema_name"]}" => schema - if lookup(schema, "s3_versioning_enabled", "") != "" } bucket = each.value["data_bucket"] versioning_configuration { @@ -88,10 +65,9 @@ resource "aws_s3_bucket_versioning" "apiary_data_bucket_versioning" { resource "aws_s3_bucket_lifecycle_configuration" "apiary_data_bucket_versioning_lifecycle" { for_each = { for schema in local.schemas_info : "${schema["schema_name"]}" => schema - if lookup(schema, "s3_versioning_enabled", "") != "" } bucket = each.value["data_bucket"] - # Rule enabled when expiration max days is set + # Rule for s3 versioning expiration rule { id = "expire-noncurrent-versions-days" status = lookup(each.value, "s3_versioning_enabled", "") != "" ? "Enabled" : "Disabled" @@ -100,6 +76,25 @@ resource "aws_s3_bucket_lifecycle_configuration" "apiary_data_bucket_versioning_ noncurrent_days = tonumber(lookup(each.value, "s3_versioning_expiration_days", var.s3_versioning_expiration_days)) } } + # Rule s3 intelligent tiering transition + rule { + id = "cost_optimization_transition" + status = each.value["s3_object_expiration_days_num"] == "-1" || each.value["s3_lifecycle_policy_transition_period"] < each.value["s3_object_expiration_days_num"] ? "Enabled" : "Disabled" + + transition { + days = each.value["s3_lifecycle_policy_transition_period"] + storage_class = each.value["s3_storage_class"] + } + } + # Rule s3 object expiration + rule { + id = "cost_optimization_expiration" + status = each.value["s3_object_expiration_days_num"] != "-1" ? "Enabled" : "Disabled" + + expiration { + days = each.value["s3_object_expiration_days_num"] + } + } } resource "aws_s3_bucket_inventory" "apiary_bucket" { From 5574d0d48c17aa87f259dd75fa169d04de9c0b2c Mon Sep 17 00:00:00 2001 From: javsanbel2 Date: Wed, 22 Jan 2025 13:08:40 +0100 Subject: [PATCH 4/5] changelog --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a1e5a54..0bd2209 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). +## [7.9.2] - 2025-01-22 +### Fixed +- Merged all S3 lifecycle configurations into `aws_s3_bucket_lifecycle_configuration` object. + ## [7.9.1] - 2025-01-14 ### Added - Added Splunk env for segrigatting logs for each environment. From 8794a02d2cbb5e31da2319d9eca73c1b8a02eef3 Mon Sep 17 00:00:00 2001 From: javsanbel2 Date: Wed, 22 Jan 2025 13:10:15 +0100 Subject: [PATCH 5/5] Do not deploy bucket versioning if is not needed --- s3.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/s3.tf b/s3.tf index 7b6036e..145549c 100644 --- a/s3.tf +++ b/s3.tf @@ -55,6 +55,7 @@ resource "aws_s3_bucket" "apiary_data_bucket" { resource "aws_s3_bucket_versioning" "apiary_data_bucket_versioning" { for_each = { for schema in local.schemas_info : "${schema["schema_name"]}" => schema + if lookup(schema, "s3_versioning_enabled", "") != "" } bucket = each.value["data_bucket"] versioning_configuration {