Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/dumrauf/aws_log_bucket

Creates an AWS Log Bucket that can be used to store CloudFront access logs
https://github.com/dumrauf/aws_log_bucket

aws logging s3 s3-bucket

Last synced: 17 days ago
JSON representation

Creates an AWS Log Bucket that can be used to store CloudFront access logs

Host: GitHub
URL: https://github.com/dumrauf/aws_log_bucket
Owner: dumrauf
License: mit
Created: 2018-06-22T22:21:41.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2023-12-22T22:08:09.000Z (11 months ago)
Last Synced: 2024-10-13T02:08:52.528Z (about 1 month ago)
Topics: aws, logging, s3, s3-bucket
Language: HCL
Homepage:
Size: 10.7 KB
Stars: 2
Watchers: 3
Forks: 3
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# AWS Log Bucket

This repository contains a Terraform module that creates a logging bucket. The logging bucket can then be used to store [CloudFront access logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html), [S3 access logs](https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html#how-logs-delivered) or most other of AWS's logs.

> For further information, see the corresponding article on [https://www.how-hard-can-it.be/aws-logging-buckets/](https://www.how-hard-can-it.be/aws-logging-buckets/).

## You Have

Before you can use the Terraform module in this repository out of the box, you need

- an [AWS account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html)
- a [Terraform](https://www.terraform.io/intro/getting-started/install.html) CLI

## You Want

After running the Terraform module in this repository you get an S3 bucket which can be used to store AWS's logs.

## Setup

The input variables for the module are defined in [settings/example.tfvars](settings/example.tfvars) to be
```hcl
region = "us-east-1"

shared_credentials_file = "/path/to/.aws/credentials"

profile = ""

log_bucket_prefix = "-"
```
Here, you need to replace the example values with your settings. Note that you also need to update the `log_bucket_prefix` as the current value is _not a valid input_.

## Execution

Initialise Terraform by running
```
terraform init
```
As a best practice, create a new workspace by running
```
terraform workspace new example
```
The log bucket can be planned by running
```
terraform plan -var-file=settings/example.tfvars
```
and created by running
```
terraform apply -var-file=settings/example.tfvars
```

## Outputs

The module has two outputs, namely `log_bucket_id` and `bucket_domain_name` which are the corresponding Terraform attributes of the newly created log bucket.

## Deletion

The logging bucket can be deleted by running
```
terraform destroy -var-file=settings/example.tfvars
```

## FAQs

### Why's the Bucket Not Emptied Before It's Destroyed?

The `force_destroy` option is deliberately set to `false` in order to avoid accidental deletion of the contents when running `terraform destroy`. It's essentially a safety net. Feel free to change it and use it at your own risk.

## AWS Logging Overview

For a detailed overview of AWS Logging, see the excellent article on [https://logmatic.io/blog/everything-you-need-to-know-about-aws-logging/](https://logmatic.io/blog/everything-you-need-to-know-about-aws-logging/).