You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
| <aname="input_access_key_enabled"></a> [access\_key\_enabled](#input\_access\_key\_enabled)| Set to `true` to create an IAM Access Key for the created IAM user |`bool`|`true`| no |
261
261
| <aname="input_acl"></a> [acl](#input\_acl)| The [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) to apply.<br/>Deprecated by AWS in favor of bucket policies.<br/>Automatically disabled if `s3_object_ownership` is set to "BucketOwnerEnforced".<br/>Defaults to "private" for backwards compatibility, but we recommend setting `s3_object_ownership` to "BucketOwnerEnforced" instead. |`string`|`"private"`| no |
262
262
| <aname="input_additional_tag_map"></a> [additional\_tag\_map](#input\_additional\_tag\_map)| Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.<br/>This is for some rare cases where resources want additional configuration of tags<br/>and therefore take a list of maps with tag key, value, and additional configuration. |`map(string)`|`{}`| no |
@@ -270,6 +270,7 @@ module "s3_bucket" {
270
270
| <aname="input_blocked_encryption_types"></a> [blocked\_encryption\_types](#input\_blocked\_encryption\_types)| List of encryption types to block on the bucket, passed to the `rule` block of<br/>`aws_s3_bucket_server_side_encryption_configuration`.<br/><br/>Defaults to `null` (attribute omitted) so the module remains compatible with `hashicorp/aws` provider<br/>versions older than 6.22.0, which do not know this field.<br/><br/>On provider >= 6.22.0, AWS's `GetBucketEncryption` returns `blocked_encryption_types = ["NONE"]` by default,<br/>which does not round-trip with an omitted/empty list and causes perpetual in-place diffs on<br/>`aws_s3_bucket_server_side_encryption_configuration`. To silence that drift, set this to `["NONE"]`. |`list(string)`|`null`| no |
271
271
| <aname="input_bucket_key_enabled"></a> [bucket\_key\_enabled](#input\_bucket\_key\_enabled)| Set this to true to use Amazon S3 Bucket Keys for SSE-KMS, which may or may not reduce the number of AWS KMS requests.<br/>For more information, see: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-key.html|`bool`|`false`| no |
272
272
| <aname="input_bucket_name"></a> [bucket\_name](#input\_bucket\_name)| Bucket name. If provided, the bucket will be created with this name instead of generating the name from the context |`string`|`null`| no |
273
+
| <aname="input_bucket_namespace"></a> [bucket\_namespace](#input\_bucket\_namespace)| Namespace for the bucket. Determines bucket naming scope. Valid values: account-regional, global. |`string`|`"global"`| no |
273
274
| <aname="input_context"></a> [context](#input\_context)| Single object for setting entire context at once.<br/>See description of individual variables for details.<br/>Leave string and numeric variables as `null` to use default value.<br/>Individual variable settings (non-null) override settings in context object,<br/>except for attributes, tags, and additional\_tag\_map, which are merged. |`any`| <pre>{<br/> "additional_tag_map": {},<br/> "attributes": [],<br/> "delimiter": null,<br/> "descriptor_formats": {},<br/> "enabled": true,<br/> "environment": null,<br/> "id_length_limit": null,<br/> "label_key_case": null,<br/> "label_order": [],<br/> "label_value_case": null,<br/> "labels_as_tags": [<br/> "unset"<br/> ],<br/> "name": null,<br/> "namespace": null,<br/> "regex_replace_chars": null,<br/> "stage": null,<br/> "tags": {},<br/> "tenant": null<br/>}</pre> | no |
274
275
| <aname="input_cors_configuration"></a> [cors\_configuration](#input\_cors\_configuration)| Specifies the allowed headers, methods, origins and exposed headers when using CORS on this bucket | <pre>list(object({<br/> id = optional(string)<br/> allowed_headers = optional(list(string))<br/> allowed_methods = optional(list(string))<br/> allowed_origins = optional(list(string))<br/> expose_headers = optional(list(string))<br/> max_age_seconds = optional(number)<br/> }))</pre> |`[]`| no |
275
276
| <aname="input_create_s3_directory_bucket"></a> [create\_s3\_directory\_bucket](#input\_create\_s3\_directory\_bucket)| Control the creation of the S3 directory bucket. Set to true to create the bucket, false to skip. |`bool`|`false`| no |
@@ -327,7 +328,7 @@ module "s3_bucket" {
327
328
## Outputs
328
329
329
330
| Name | Description |
330
-
|------|-------------|
331
+
|----|-----------|
331
332
| <aname="output_access_key_id"></a> [access\_key\_id](#output\_access\_key\_id)| The access key ID, if `var.user_enabled && var.access_key_enabled`.<br/>While sensitive, it does not need to be kept secret, so this is output regardless of `var.store_access_key_in_ssm`. |
332
333
| <aname="output_access_key_id_ssm_path"></a> [access\_key\_id\_ssm\_path](#output\_access\_key\_id\_ssm\_path)| The SSM Path under which the S3 User's access key ID is stored |
0 commit comments