Merge pull request nozaq#41 from centyx/master

nozaq · web-flow · commit 335d99660183 · 2019-06-06T09:57:25.000+09:00
Fixes nozaq#40
diff --git a/modules/secure-bucket/main.tf b/modules/secure-bucket/main.tf
@@ -16,6 +16,15 @@ resource "aws_s3_bucket" "access_log" {
   }
 }
 
+resource "aws_s3_bucket_public_access_block" "access_log" {
+  bucket = aws_s3_bucket.access_log.id
+
+  block_public_acls = true
+  block_public_policy = true
+  ignore_public_acls = true
+  restrict_public_buckets = true
+}
+
 resource "aws_s3_bucket" "content" {
   bucket = var.bucket_name
 
@@ -50,3 +59,11 @@ resource "aws_s3_bucket" "content" {
   }
 }
 
+resource "aws_s3_bucket_public_access_block" "content" {
+  bucket = aws_s3_bucket.content.id
+
+  block_public_acls = true
+  block_public_policy = true
+  ignore_public_acls = true
+  restrict_public_buckets = true
+}

Original file line number	Diff line number	Diff line change
`@@ -16,6 +16,15 @@ resource "aws_s3_bucket" "access_log" {`
`16`	`16`	`}`
`17`	`17`	`}`
`18`	`18`
	`19`	`+resource "aws_s3_bucket_public_access_block" "access_log" {`
	`20`	`+ bucket = aws_s3_bucket.access_log.id`
	`21`	`+`
	`22`	`+ block_public_acls = true`
	`23`	`+ block_public_policy = true`
	`24`	`+ ignore_public_acls = true`
	`25`	`+ restrict_public_buckets = true`
	`26`	`+}`
	`27`	`+`
`19`	`28`	`resource "aws_s3_bucket" "content" {`
`20`	`29`	`bucket = var.bucket_name`
`21`	`30`
`@@ -50,3 +59,11 @@ resource "aws_s3_bucket" "content" {`
`50`	`59`	`}`
`51`	`60`	`}`
`52`	`61`
	`62`	`+resource "aws_s3_bucket_public_access_block" "content" {`
	`63`	`+ bucket = aws_s3_bucket.content.id`
	`64`	`+`
	`65`	`+ block_public_acls = true`
	`66`	`+ block_public_policy = true`
	`67`	`+ ignore_public_acls = true`
	`68`	`+ restrict_public_buckets = true`
	`69`	`+}`