| author | Saumit <justsaumit@protonmail.com> | 2025-09-28 04:14:10 +0530 |
|---|---|---|
| committer | Saumit <justsaumit@protonmail.com> | 2025-09-28 04:14:10 +0530 |
| commit | 44b0d2d9dea535d5580d78ae4a5082732639e2bf (patch) | |
| tree | aa43fa10be6e3fa3348683cc0c866d8876af00d1 | |
| parent | 912405a8f3f6b831b9abcf6e16a9372160e7ce32 (diff) | |
backend: Update S3 bucket configuration and add public access block
| -rw-r--r-- | astroshop-terraform/backend.tf | 17 | ||||
| -rw-r--r-- | astroshop-terraform/modules/vpc/README.md | 4 | ||||
| -rw-r--r-- | astroshop-terraform/modules/vpc/main.tf | 3 |
3 files changed, 18 insertions, 6 deletions
diff --git a/astroshop-terraform/backend.tf b/astroshop-terraform/backend.tf
index 88e6e36..d962b6b 100644
--- a/astroshop-terraform/backend.tf
+++ b/astroshop-terraform/backend.tf
@@ -19,9 +19,20 @@ resource "aws_s3_bucket_versioning" "terraform_state" {
 resource "aws_s3_bucket_server_side_encryption_configuration" "terraform_state" {
 bucket = aws_s3_bucket.terraform_state.id
- rule {
- apply_server_side_encryption_by_default {
- sse_algorithm = "AES256"
+ server_side_encryption_configuration {
+ rule {
+ apply_server_side_encryption_by_default {
+ sse_algorithm = "AES256"
+ }
 }
 }
+}
+
+resource "aws_s3_bucket_public_access_block" "terraform_state" {
+ bucket = aws_s3_bucket.terraform_state.id
+
+ block_public_acls = true
+ block_public_policy = true
+ ignore_public_acls = true
+ restrict_public_buckets = true
 }
\ No newline at end of file
diff --git a/astroshop-terraform/modules/vpc/README.md b/astroshop-terraform/modules/vpc/README.md
index bac9af0..7c30b17 100644
--- a/astroshop-terraform/modules/vpc/README.md
+++ b/astroshop-terraform/modules/vpc/README.md
@@ -207,8 +207,8 @@ Private Subnets (3):
 ```
 ┌────────────────────────────────────────────────────────────┐
-│ INTERNET │
-└───────────────────────┬──────────────────────────────────────┘
+│ INTERNET │
+└───────────────────────┬────────────────────────────────────┘
 │
 IGW (Internet Gateway)
 │
diff --git a/astroshop-terraform/modules/vpc/main.tf b/astroshop-terraform/modules/vpc/main.tf
index 3694588..5e11a2c 100644
--- a/astroshop-terraform/modules/vpc/main.tf
+++ b/astroshop-terraform/modules/vpc/main.tf
@@ -4,7 +4,8 @@ resource "aws_vpc" "main" {
 enable_dns_hostnames = true
 tags = {
- Name = "${var.cluster_name}-vpc"
+ Name = "${var.cluster_name}-vpc"
+ "kubernetes.io/cluster/${var.cluster_name}" = "shared"
 }
 } |
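Review bot: In backend.tf the `rule` block is now nested inside `server_side_encryption_configuration { ... }` within `aws_s3_bucket_server_side_encryption_configuration`, but as far as I know that standalone resource accepts `rule` directly; the wrapper is the legacy inline block of `aws_s3_bucket`. If so, `terraform validate` will reject it as an unsupported block and nothing in this configuration, including the new public access block, will apply until it is fixed. Keep the removed form, with `rule {` and `apply_server_side_encryption_by_default {` sitting directly under the resource. The added `aws_s3_bucket_public_access_block` with all four flags set to `true` is the right baseline for a bucket that holds Terraform state.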
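Review bot: The new `"kubernetes.io/cluster/${var.cluster_name}" = "shared"` tag in modules/vpc/main.tf has no comment saying what consumes it, and the commit title mentions only the S3 backend, so the change is easy to miss in history. I would add `# Discovery tag: marks this VPC as shared with the cluster named by var.cluster_name` above it; that it is read by the Kubernetes AWS integration is my assumption and should be confirmed. The `aws_vpc.main` block starts before the hunk, so I cannot see how `cluster_name` is declared; since a tag key is now built from it, a `validation` rule on that variable restricting it to characters AWS tag keys accept would be worth having.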
