AWS S3 bucket Terraform module
Upstream version 5.14.0
4 controls from EU GMP Annex 11 requirements
Terraform Module Source
eugmpannex11.compliance.tf/terraform-aws-modules/s3-bucket/awsBehavioral Summary
This module modifies 4 variable defaults and makes 0 resource changes from the upstream module. All changes are driven by compliance controls and can be reviewed in detail below.
Your Code Impact
If you are migrating from the upstream module, the enforced default changes mean your existing configurations will automatically gain compliance controls. Variables you have explicitly set will continue to use your values. Review the diff below to understand exactly what changes.
Compared to
terraform-aws-modules/s3-bucket/aws@5.14.04 changesVariables Changed
4| Variable | Upstream | CTF | Reason | Control |
|---|---|---|---|---|
| lifecycle_rule | [] | [ { "status": "Enabled" } ] | This control checks if AWS Simple Storage Service (AWS S3) version enabled buckets have lifecycle policy configured. This rule fails if AWS S3 lifecycle policy is not enabled. | s3_bucket_versioning_and_lifecycle_policy_enabled |
| replication_configuration | {} | { "rules": [ { "status": "Enabled" } ] } | AWS Simple Storage Service (AWS S3) Cross-Region Replication (CRR) supports maintaining adequate capacity and availability. | s3_bucket_cross_region_replication_enabled |
| server_side_encryption_configuration | {} | { "rule": { "apply_server_side_encryption_by_defaul... | To help protect data at rest, ensure encryption is enabled for your AWS Simple Storage Service (AWS S3) buckets. | s3_bucket_default_encryption_enabled_kms |
| versioning | {} | { "enabled": "Enabled" } | AWS Simple Storage Service (AWS S3) bucket versioning helps keep multiple variants of an object in the same AWS S3 bucket. | s3_bucket_versioning_enabled |