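# Terraform configuration for the "standout" stack: AWS provider pinned to 5.x,
# one VPC, and one S3 data bucket with its ownership, public-access, ACL and
# bucket-policy settings. The redirect Lambda and Route 53 parts are still TODO.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

# Configure the AWS Provider
provider "aws" {
  region = "eu-west-1"
}

# Account that owns this stack; used to scope write access in the bucket policy.
data "aws_caller_identity" "current" {}

# Create a VPC
resource "aws_vpc" "vpc_standout" {
  cidr_block = "10.0.0.0/16"
}

# create an s3 bucket for data
resource "aws_s3_bucket" "s3_standout" {
  bucket = "standout-data"

  # NOTE(review): force_destroy lets `terraform destroy` delete the bucket even
  # when it still holds objects. Confirm that is acceptable for a data bucket.
  force_destroy = true
}

# ACLs stay enabled (BucketOwnerPreferred) because the bucket ACL below is set
# explicitly; BucketOwnerEnforced would disable ACLs altogether.
resource "aws_s3_bucket_ownership_controls" "s3_standout_ownership" {
  bucket = aws_s3_bucket.s3_standout.id

  rule {
    object_ownership = "BucketOwnerPreferred"
  }
}

# All four public-access guards are off because the bucket ACL and the read
# statement in the bucket policy are public.
# NOTE(review): confirm that anonymous read is actually required. If it is not,
# set all four flags to true, drop the public-read ACL and remove the
# PublicReadObjects statement.
resource "aws_s3_bucket_public_access_block" "s3_standout_public_access" {
  bucket = aws_s3_bucket.s3_standout.id

  block_public_acls       = false
  block_public_policy     = false
  ignore_public_acls      = false
  restrict_public_buckets = false
}

# A public-read bucket ACL grants READ to everyone, which on a bucket means
# anyone can list the object keys.
resource "aws_s3_bucket_acl" "s3_standout_public_acl" {
  # The ACL can only be applied once ACLs are enabled and public ACLs are not
  # blocked, hence the explicit ordering.
  depends_on = [
    aws_s3_bucket_ownership_controls.s3_standout_ownership,
    aws_s3_bucket_public_access_block.s3_standout_public_access,
  ]

  bucket = aws_s3_bucket.s3_standout.id
  acl    = "public-read"
}

resource "aws_s3_bucket_policy" "s3_standout_policy" {
  bucket = aws_s3_bucket.s3_standout.id
  policy = data.aws_iam_policy_document.s3_standout_allow_lambda.json
}

# Bucket policy for the data bucket.
# The previous single statement granted s3:Get*, s3:List* and s3:Put* to
# Principal "*", so any unauthenticated caller could upload or overwrite
# objects. Anonymous access is now read-only; list and write actions are
# limited to principals of the owning account.
data "aws_iam_policy_document" "s3_standout_allow_lambda" {
  statement {
    sid = "PublicReadObjects"

    principals {
      type        = "AWS"
      identifiers = ["*"]
    }

    actions = [
      "s3:Get*",
    ]

    resources = [
      "${aws_s3_bucket.s3_standout.arn}/*",
    ]
  }

  statement {
    sid = "AccountListAndWriteObjects"

    # TODO: replace the account root with the redirect Lambda's execution role
    # ARN once that role is defined, so only the function can write.
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
    }

    actions = [
      "s3:List*",
      "s3:Put*",
    ]

    # NOTE(review): only object ARNs are listed, so the bucket-level
    # s3:ListBucket action is not covered by this statement. Add the bucket ARN
    # in a separate statement if the function needs to list keys.
    resources = [
      "${aws_s3_bucket.s3_standout.arn}/*",
    ]
  }
}

# create a redirect lambda function

# create a route 53 configuration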