Terraform Module for managing s3 bucket cross-account cross-region replication.
-
source_bucket_name
- Name for the source bucket (which will be created by this module) -
source_region
- Region for source bucket -
dest_bucket_name
- Name for the destination bucket (optionally created by this module) -
dest_region
- Region for the destination bucket -
replication_name
- Short name for this replication (used in IAM roles and source bucket configuration) -
Terraform 0.11 module provider inheritance block:
-
aws.source_of_replication
- AWS provider alias for source account -
aws.destination_of_replication
- AWS provider alias for destination account
create_dest_bucket
- Boolean for whether this module should create the destination bucketreplicate_prefix
- Prefix to replicate, default""
for all objects. Note if specifying, must end in a/
provider "aws" {
alias = "source"
profile = "source-account-aws-profile"
region = "us-west-1"
}
provider "aws" {
alias = "dest"
profile = "dest-account-aws-profile"
region = "us-east-1"
}
module "s3-cross-account-replication" {
source = "github.com/asicsdigital/terraform-aws-s3-cross-account-replication?ref=v1.0.0"
source_bucket_name = "source-bucket"
source_region = "us-west-1"
dest_bucket_name = "dest-bucket"
dest_region = "us-east-1"
replication_name = "my-replication-name"
providers {
"aws.source_of_replication" = "source_of_replication"
"aws.destination_of_replication" = "aws.destination_of_replication"
}
}
output "dest_account_id" {
value = "${module.s3-cross-account-replication.dest_account_id}"
}
- Set
create_dest_bucket
to false - Run terraform apply
- Copy the output
dest_bucket_policy_json
into the bucket policy for the destination bucket - Ensure that versioning is enabled for the destination bucket (Cross-region replication requires versioning be enabled: see Requirements at https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html)
- Also follow the manual step above to enable setting owner on replicated objects
dest_bucket_policy_json
- The S3 bucket policy that must be added on the destination bucket manually ifcreate_dest_bucket
is false.
1.0.0 - Initial release
2.0.0 - TF 0.12.X
3.0.0 - Rename povider
This software is released under the MIT License (see LICENSE
).