Code development platform for open source projects from the European Union institutions

Skip to content
Snippets Groups Projects
Normal view Permalink
s3.tf 4.08 KiB
Newer Older
Gilles Habran's avatar
Initial setup
Gilles Habran committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 
resource "aws_s3_bucket" "input_bucket" {
  bucket = var.s3_input_bucket_name

  # Prevents Terraform from destroying or replacing this object - a great safety mechanism
  lifecycle {
    prevent_destroy = true
  }

  tags = var.tags
}

resource "aws_s3_bucket_versioning" "input_bucket" {
  bucket = aws_s3_bucket.input_bucket.id
  versioning_configuration {
    status = "Enabled"
  }
}

resource "aws_s3_bucket_acl" "input_bucket" {
  bucket = aws_s3_bucket.input_bucket.id
Julien Nowak's avatar
Nowakju test branch  
Julien Nowak committed
21 
  acl    = "private"
Gilles Habran's avatar
Initial setup
Gilles Habran committed
22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 
}

resource "aws_s3_bucket_public_access_block" "input_bucket" {
  bucket = aws_s3_bucket.input_bucket.id

  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

resource "aws_s3_bucket_server_side_encryption_configuration" "input_bucket" {
  bucket = aws_s3_bucket.input_bucket.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}
Gilles Habran's avatar
add experiments data bucket  
Gilles Habran committed
41
Gilles Habran's avatar
Ingestion setup  
Gilles Habran committed
42 43 44 45 46 47 
resource "aws_ssm_parameter" "input_bucket" {
  name  = var.ssm_buckets_input_id
  type  = "String"
  value = aws_s3_bucket.input_bucket.id
}
Gilles Habran's avatar
add experiments data bucket  
Gilles Habran committed
48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 
resource "aws_s3_bucket" "data_bucket" {
  bucket = var.s3_data_bucket_name

  # Prevents Terraform from destroying or replacing this object - a great safety mechanism
  lifecycle {
    prevent_destroy = true
  }

  tags = var.tags
}

resource "aws_s3_bucket_versioning" "data_bucket" {
  bucket = aws_s3_bucket.data_bucket.id
  versioning_configuration {
    status = "Suspended"
  }
}

resource "aws_s3_bucket_acl" "data_bucket" {
  bucket = aws_s3_bucket.data_bucket.id
Julien Nowak's avatar
Nowakju test branch  
Julien Nowak committed
68 
  acl    = "private"
Gilles Habran's avatar
add experiments data bucket  
Gilles Habran committed
69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 
}

resource "aws_s3_bucket_public_access_block" "data_bucket" {
  bucket = aws_s3_bucket.data_bucket.id

  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

resource "aws_s3_bucket_server_side_encryption_configuration" "data_bucket" {
  bucket = aws_s3_bucket.data_bucket.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}
Gilles Habran's avatar
AITED-118: ci pipeline  
Gilles Habran committed
88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 

resource "aws_s3_bucket" "ml_data_bucket" {
  bucket = var.s3_ml_data_bucket_name

  # Prevents Terraform from destroying or replacing this object - a great safety mechanism
  lifecycle {
    prevent_destroy = true
  }

  tags = var.tags
}

resource "aws_s3_bucket_versioning" "ml_data_bucket" {
  bucket = aws_s3_bucket.ml_data_bucket.id
  versioning_configuration {
    status = "Enabled"
  }
}

resource "aws_s3_bucket_acl" "ml_data_bucket" {
  bucket = aws_s3_bucket.ml_data_bucket.id
  acl    = "private"
}

resource "aws_s3_bucket_public_access_block" "ml_data_bucket" {
  bucket = aws_s3_bucket.ml_data_bucket.id

  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

resource "aws_s3_bucket_server_side_encryption_configuration" "ml_data_bucket" {
  bucket = aws_s3_bucket.ml_data_bucket.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}

resource "aws_ssm_parameter" "ml_data_bucket" {
  name  = var.ssm_buckets_ml_data_id
  type  = "String"
  value = aws_s3_bucket.ml_data_bucket.id
}

resource "aws_s3_bucket" "ml_models_bucket" {
  bucket = var.s3_ml_models_bucket_name

  # Prevents Terraform from destroying or replacing this object - a great safety mechanism
  lifecycle {
    prevent_destroy = true
  }

  tags = var.tags
}

resource "aws_s3_bucket_versioning" "ml_models_bucket" {
  bucket = aws_s3_bucket.ml_models_bucket.id
  versioning_configuration {
    status = "Enabled"
  }
}

resource "aws_s3_bucket_acl" "ml_models_bucket" {
  bucket = aws_s3_bucket.ml_models_bucket.id
  acl    = "private"
}

resource "aws_s3_bucket_public_access_block" "ml_models_bucket" {
  bucket = aws_s3_bucket.ml_models_bucket.id

  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

resource "aws_s3_bucket_server_side_encryption_configuration" "ml_models_bucket" {
  bucket = aws_s3_bucket.ml_models_bucket.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}

For further information about the platform and support, please see https://code.europa.eu/info/about