Define S3 Bucket Configuration as an Object Variable

Create a Terraform object variable for S3 bucket settings including versioning, encryption, lifecycle rules, and access logging.

Detailed Explanation

S3 Bucket Configuration Object

Instead of scattering S3 settings across multiple variables, group them into a single object variable. This makes the module interface cleaner and keeps related settings together.

Variable Definition

variable "s3_config" {
  type = object({
    bucket_name       = string
    versioning        = bool
    encryption        = bool
    lifecycle_days    = number
    access_logging    = bool
    force_destroy     = bool
  })
  description = "S3 bucket configuration settings"
  default = {
    bucket_name       = "my-app-data"
    versioning        = true
    encryption        = true
    lifecycle_days    = 90
    access_logging    = false
    force_destroy     = false
  }
}

Using in Resources

resource "aws_s3_bucket" "main" {
  bucket        = "${var.project_name}-${var.environment}-${var.s3_config.bucket_name}"
  force_destroy = var.s3_config.force_destroy
}

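resource "aws_s3_bucket_versioning" "main" {
  bucket = aws_s3_bucket.main.id
  versioning_configuration {
    # "Disabled" is only accepted for a bucket that has never had versioning
    # enabled; once enabled, versioning can only be set to "Suspended".
    status = var.s3_config.versioning ? "Enabled" : "Disabled"
  }
}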

resource "aws_s3_bucket_server_side_encryption_configuration" "main" {
  count  = var.s3_config.encryption ? 1 : 0
  bucket = aws_s3_bucket.main.id

  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}
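
The resources above never read lifecycle_days or access_logging, so setting access_logging = true in a tfvars file changes nothing as written. The following is an added example, not part of the original page, that wires both. It assumes lifecycle_days means "expire objects after N days" and introduces a hypothetical log_bucket_id variable naming an existing log bucket.

```hcl
# Hypothetical variable (not on the original page): an existing bucket for access logs.
variable "log_bucket_id" {
  type        = string
  description = "ID of an existing bucket that receives S3 access logs"
  default     = null
}

resource "aws_s3_bucket_lifecycle_configuration" "main" {
  bucket     = aws_s3_bucket.main.id
  depends_on = [aws_s3_bucket_versioning.main]

  rule {
    id     = "expire-after-${var.s3_config.lifecycle_days}-days"
    status = "Enabled"

    filter {} # empty filter: the rule applies to every object

    # Assumption: lifecycle_days is an expiration age in days.
    expiration {
      days = var.s3_config.lifecycle_days
    }

    # With versioning on, expired objects become noncurrent versions;
    # without this block they would be retained indefinitely.
    dynamic "noncurrent_version_expiration" {
      for_each = var.s3_config.versioning ? [1] : []
      content {
        noncurrent_days = var.s3_config.lifecycle_days
      }
    }
  }
}

resource "aws_s3_bucket_logging" "main" {
  count  = var.s3_config.access_logging ? 1 : 0
  bucket = aws_s3_bucket.main.id

  target_bucket = var.log_bucket_id
  target_prefix = "s3-access/${aws_s3_bucket.main.id}/"

  lifecycle {
    # Fail the plan instead of silently skipping logging when no target is set.
    precondition {
      condition     = var.log_bucket_id != null
      error_message = "s3_config.access_logging is true but log_bucket_id is not set."
    }
  }
}
```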

Environment-Specific Overrides

# dev.tfvars
s3_config = {
  bucket_name    = "dev-data"
  versioning     = false
  encryption     = true
  lifecycle_days = 30
  access_logging = false
  force_destroy  = true
}

# prod.tfvars
s3_config = {
  bucket_name    = "prod-data"
  versioning     = true
  encryption     = true
  lifecycle_days = 365
  access_logging = true
  force_destroy  = false
}

Object vs. Separate Variables

Approach        Pros                       Cons
Single object   Grouped, clean interface   All-or-nothing defaults
Separate vars   Fine-grained defaults      More variables to manage

The object approach works best when settings are logically cohesive and typically configured together.

Use Case

S3 bucket modules where versioning, encryption, lifecycle, and logging settings vary between development (minimal) and production (full compliance) environments.
