Usage

To use this module in your Terraform, refer to the below module example:

module "aws_lambda_s3_bucket_provisioning" {
  source = "git::https://github.com/dicomgrid/pt-modules.git?ref=null"

  # See inputs below for additional required parameters
}

Attributes

Requirements

Name	Version
terraform	>= 1.0.9
aws	~> 4.47.0

Providers

Name	Version
aws.ambra_storage1_account	~> 4.47.0
aws.primary	~> 4.47.0

Modules

No modules.

Resources

Name	Type
aws_iam_instance_profile.main	resource
aws_iam_policy.assume_s3_bucket_manager_in_sub_account	resource
aws_iam_policy.main	resource
aws_iam_policy.s3objectmanager	resource
aws_iam_role.iam_for_s3_bucket_provisioning	resource
aws_iam_role.main	resource
aws_iam_role_policy_attachment.main	resource
aws_iam_role_policy_attachment.s3_bucket_provisioning_assume_sub_account	resource
aws_iam_role_policy_attachment.s3objectmanager	resource
aws_lambda_alias.lambda_alias	resource
aws_lambda_function.s3_bucket_provisioning	resource
aws_lambda_function_url.s3_bucket_provisioning_alias_url	resource
aws_lambda_function_url.s3_bucket_provisioning_url	resource
aws_s3_bucket.ambra_orphan_bucket	resource
aws_s3_bucket.ambra_phr_bucket	resource
aws_s3_bucket_lifecycle_configuration.ambra_orphan_bucket	resource
aws_s3_bucket_lifecycle_configuration.ambra_phr_bucket	resource
aws_s3_bucket_policy.ambra_orphan_bucket_policy	resource
aws_s3_bucket_policy.ambra_phr_bucket_policy	resource
aws_s3_bucket_server_side_encryption_configuration.ambra_orphan_bucket_encryption	resource
aws_s3_bucket_server_side_encryption_configuration.ambra_phr_bucket_encryption	resource
aws_s3_bucket_versioning.ambra_orphan_bucket	resource
aws_s3_bucket_versioning.ambra_phr_bucket	resource
aws_iam_policy.AWSOrganizationsReadOnlyAccess	data source
aws_iam_policy_document.ambra_orphan_bucket_policy_document	data source
aws_iam_policy_document.ambra_phr_bucket_policy_document	data source
aws_iam_policy_document.assume_s3_bucket_manager_in_sub_account_document	data source
aws_iam_policy_document.s3-bucket-provisioning-instance-profile	data source

Inputs

Name	Description	Type	Default	Required
access_logging	n/a	bool	true	no
ambra_storage1_account	AWS account ID for PHR/Orphan storage	string	""	no
ambra_storage_accounts	A list of Ambra/Intelerad storage accounts for imaging data	set(string)	[]	no
aws_region	AWS region	string	""	no
environment	Ambra code environment	string	""	no
instance_role	n/a	string	""	no
lambda_execution_role_name	n/a	string	"s3-bucket-provisioning-lambda-execution-role"	no
max_buckets_per_account	The maximum number of S3 buckets in a given AWS account	number	750	no
object_expiration	n/a	number	14	no
primary_account	n/a	string	""	no
s3objectmanager_policy_name	adding follow 3 variables the rare occasion where the lambda will exist on the same acct(different regions). this will allow for the creation of different policies that will limit scope of allowed roles to assume	string	"s3ObjectManager"	no
services_instance_profile_name	n/a	string	"s3-bucket-provisioning-instance-profile"	no
timeout	n/a	string	"60"	no

Outputs

No outputs.

Changelog