Added Terraform and S3 config

2024-04-17 19:14:38 +02:00
parent a69f60cee5
commit bada480c37
3 changed files with 104 additions and 0 deletions
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@@ -0,0 +1,25 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+  version     = "5.45.0"
+  constraints = "~> 5.0"
+  hashes = [
+    "h1:4Vgk51R7iTY1oczaTQDG+DkA9nE8TmjlUtecqXX6qDU=",
+    "zh:1379bcf45aef3d486ee18b4f767bfecd40a0056510d26107f388be3d7994c368",
+    "zh:1615a6f5495acfb3a0cb72324587261dd4d72711a3cc51aff13167b14531501e",
+    "zh:18b69a0f33f8b1862fbd3f200756b7e83e087b73687085f2cf9c7da4c318e3e6",
+    "zh:2c5e7aecd197bc3d3b19290bad8cf4c390c2c6a77bb165da4e11f53f2dfe2e54",
+    "zh:3794da9bef97596e3bc60e12cdd915bda5ec2ed62cd1cd93723d58b4981905fe",
+    "zh:40a5e45ed91801f83db76dffd467dcf425ea2ca8642327cf01119601cb86021c",
+    "zh:4abfc3f53d0256a7d5d1fa5e931e4601b02db3d1da28f452341d3823d0518f1a",
+    "zh:4eb0e98078f79aeb06b5ff6115286dc2135d12a80287885698d04036425494a2",
+    "zh:75470efbadea4a8d783642497acaeec5077fc4a7f3df3340defeaa1c7de29bf7",
+    "zh:8861a0b4891d5fa2fa7142f236ae613cea966c45b5472e3915a4ac3abcbaf487",
+    "zh:8bf6f21cd9390b742ca0b4393fde92616ca9e6553fb75003a0999006ad233d35",
+    "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+    "zh:ad73008a044e75d337acda910fb54d8b81a366873c8a413fec1291034899a814",
+    "zh:bf261713b0b8bebfe8c199291365b87d9043849f28a2dc764bafdde73ae43693",
+    "zh:da3bafa1fd830be418dfcc730e85085fe67c0d415c066716f2ac350a2306f40a",
+  ]
+}
--- a/master.tf
+++ b/master.tf
@@ -0,0 +1,79 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+  }
+}
+
+# Configure the AWS Provider
+provider "aws" {
+  region = "eu-west-1"
+}
+
+# Create a VPC
+resource "aws_vpc" "vpc_standout" {
+  cidr_block = "10.0.0.0/16"
+}
+
+# create an s3 bucket for data
+resource "aws_s3_bucket" "s3_standout" {
+  bucket = "standout-data"
+  force_destroy = true
+}
+
+resource "aws_s3_bucket_ownership_controls" "s3_standout_ownership" {
+  bucket = aws_s3_bucket.s3_standout.id
+  rule {
+    object_ownership = "BucketOwnerPreferred"
+  }
+}
+
+resource "aws_s3_bucket_public_access_block" "s3_standout_public_access" {
+  bucket = aws_s3_bucket.s3_standout.id
+
+  block_public_acls       = false
+  block_public_policy     = false
+  ignore_public_acls      = false
+  restrict_public_buckets = false
+}
+
+resource "aws_s3_bucket_acl" "s3_standout_public_acl" {
+  depends_on = [
+    aws_s3_bucket_ownership_controls.s3_standout_ownership,
+    aws_s3_bucket_public_access_block.s3_standout_public_access,
+  ]
+
+  bucket = aws_s3_bucket.s3_standout.id
+  acl    = "public-read"
+}
+
+resource "aws_s3_bucket_policy" "s3_standout_policy" {
+  bucket = aws_s3_bucket.s3_standout.id
+  policy = data.aws_iam_policy_document.s3_standout_allow_lambda.json
+}
+
+data "aws_iam_policy_document" "s3_standout_allow_lambda" {
+  statement {
+    principals {
+      type        = "AWS"
+      identifiers = ["*"]
+    }
+
+    actions = [
+      "s3:Get*",
+      "s3:List*",
+      "s3:Put*"
+    ]
+
+    resources = [
+      "${aws_s3_bucket.s3_standout.arn}/*",
+    ]
+  }
+}
+
+# create a redirect lambda function
+
+# create a route 53 configuration 
+
--- a/s3_policy.json
+++ b/s3_policy.json