AWS Terraspace Plugin
The AWS Terraspace Plugin adds support for the automatic creation of the backend storage s3 bucket and dynamodb table. By default:
- S3 Buckets are secured with encryption, have an enforce ssl bucket policy, have versioning enabled, and have a lifecycle policy. Bucket server access logging and also be optionally enabled.
- DynamoDB tables have encryption enabled using the AWS Managed KMS Key for DynamoDB.
The plugin settings are configurable with:
TerraspacePluginAws.configure do |config| config.auto_create = true # set to false to completely disable auto creation config.s3.encryption = true config.s3.enforce_ssl = true config.s3.versioning = true config.s3.lifecycle = true config.s3.access_logging = false # false is the default setting config.s3.secure_existing = false # run the security controls on existing buckets. by default, only run on newly created bucket the first time config.dynamodb.encryption = true config.dynamodb.kms_master_key_id = nil config.dynamodb.sse_type = "KMS" end
For more docs, refer to the plugin itself: terraspace_plugin_aws.