Creates the relevant infrastructure needed to handle AWS S3 file uploads.
Anti-virus scanning is handled via an AWS Lambda function using bucket-antivirus-function.

This package will need to be built and uploaded to wherever you keep Lambda artifacts. This bucket corresponds to the `lambda_s3_bucket` configuration variable you pass to this module.

```shell
git clone git@github.com:upsidetravel/bucket-antivirus-function.git
cd bucket-antivirus-function
git checkout v2.0.0
```

With that repo checked out you must run the `make all` command and then copy the resulting zip file to AWS S3 with:
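
```shell
# Run from the directory that contains the bucket-antivirus-function checkout.
# lambda_s3_bucket must be set in the shell to the bucket name you pass to this module.
VERSION=2.0.0
aws s3 cp bucket-antivirus-function/build/lambda.zip "s3://${lambda_s3_bucket}/anti-virus/${VERSION}/anti-virus.zip"
```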
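
The upload step above, wrapped as an added example (not part of this module or of bucket-antivirus-function): it validates the version before it becomes part of the S3 key and confirms by SHA-256 that the object in the bucket matches the local build. The function names are hypothetical, and it assumes `sha256sum` and the AWS CLI are on the PATH.

```shell
# Added example; artifact_key, sha256_of and publish_artifact are hypothetical names.

# Build the S3 key used by the upload command on this page.
# Accepts only digits and dots so the value cannot add path segments to the key.
artifact_key() {
  local version="$1"
  case "$version" in
    ''|*[!0-9.]*|.*|*.|*..*) echo "invalid version: $version" >&2; return 1 ;;
  esac
  printf 'anti-virus/%s/anti-virus.zip' "$version"
}

# Print the hex SHA-256 digest of a file (assumes GNU coreutils sha256sum).
sha256_of() {
  sha256sum "$1" | cut -d' ' -f1
}

# Upload the zip, download it again, and compare digests.
# On success prints "<sha256>  <s3 uri>" so the digest can be recorded with the release.
publish_artifact() {
  local zip="$1" bucket="$2" version="$3" key local_sum remote_sum tmp
  key="$(artifact_key "$version")" || return 1
  [ -f "$zip" ] || { echo "missing build artifact: $zip" >&2; return 1; }
  local_sum="$(sha256_of "$zip")"
  aws s3 cp "$zip" "s3://${bucket}/${key}" || return 1
  tmp="$(mktemp)"
  aws s3 cp "s3://${bucket}/${key}" "$tmp" || { rm -f "$tmp"; return 1; }
  remote_sum="$(sha256_of "$tmp")"
  rm -f "$tmp"
  if [ "$local_sum" != "$remote_sum" ]; then
    echo "digest mismatch for s3://${bucket}/${key}" >&2
    return 1
  fi
  echo "$local_sum  s3://${bucket}/${key}"
}

# Usage, from the directory that contains the checkout:
#   publish_artifact bucket-antivirus-function/build/lambda.zip "$lambda_s3_bucket" 2.0.0
```
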

Name | Version |
---|---|
terraform | >= 1.0 |
aws | >= 3.0 |

Name | Version |
---|---|
aws | >= 3.0 |

Name | Source | Version |
---|---|---|
file_uploads_s3_bucket | trussworks/s3-private-bucket/aws | ~> 4.3.0 |
file_uploads_s3_logging_bucket | trussworks/logs/aws | ~> 14.2.0 |
s3_anti_virus | trussworks/s3-anti-virus/aws | ~> 3.2.0 |
virus_scan_s3_bucket | trussworks/s3-private-bucket/aws | ~> 4.3.0 |

Name | Type |
---|---|
aws_caller_identity.current | data source |
aws_partition.current | data source |
aws_region.current | data source |

Name | Description | Type | Default | Required |
---|---|---|---|---|
application_name | The name of the application | string | n/a | yes |
av_status_sns_arn | SNS topic ARN to publish scan results to | string | n/a | yes |
cloudwatch_logs_retention_days | Number of days to keep logs in AWS CloudWatch. | string | 90 | no |
cors_rules | List of maps containing rules for Cross-Origin Resource Sharing. | list(any) | [] | no |
create_logging_bucket | Whether to create a new bucket for S3 access logs. | bool | false | no |
environment | Environment level. | string | "dev" | no |
file_uploads_bucket | The name of the S3 bucket used to store the uploads. | string | n/a | yes |
lambda_s3_bucket | The name of the S3 bucket where the lambda build artifact is stored | string | n/a | yes |
logging_bucket | The name of the S3 bucket used for S3 access logs. | string | "" | no |
region | Application region. | string | "us-west-2" | no |
s3_logs_retention_days | Number of days to keep logs in S3. | string | 90 | no |
tags | A map of tags to add to all resources. | map(string) | {} | no |
virus_scanning_bucket | The name of the S3 bucket used to store virus scanning tools. | string | n/a | yes |

Name | Description |
---|---|
file_uploads_bucket_arn | ARN of the file uploads bucket |