AWS Amazon S3 Gateway
This page shows how to write Terraform for Amazon S3 Gateway and how to write it securely.
aws_storagegateway_gateway (Terraform)
The Gateway in Amazon S3 can be configured in Terraform with the resource name aws_storagegateway_gateway. The following sections describe 3 examples of how to use the resource and its parameters.
Example Usage from GitHub
# Example 1: file gateway activated through its IP address
resource "aws_storagegateway_gateway" "this" {
  gateway_ip_address = var.gateway_ip
  gateway_name       = "storage-gateway"
  gateway_timezone   = "GMT"
  gateway_type       = "FILE_S3"
}

# Example 2: module-style resource driven by variables (excerpt; the source
# snippet ends here, before the required gateway_name and gateway_timezone)
resource "aws_storagegateway_gateway" "this" {
  activation_key                             = var.activation_key
  average_download_rate_limit_in_bits_per_sec = var.average_download_rate_limit_in_bits_per_sec
  average_upload_rate_limit_in_bits_per_sec   = var.average_upload_rate_limit_in_bits_per_sec
  cloudwatch_log_group_arn                   = var.cloudwatch_log_group_arn
  gateway_ip_address                         = var.gateway_ip_address
}

# Example 3: file gateway on an EC2 instance, activated through the
# instance's public IP address
resource "aws_storagegateway_gateway" "storage-gateway" {
  gateway_ip_address = aws_instance.ec2-FileGateway.public_ip
  gateway_name       = "storage-gateway"
  gateway_timezone   = "GMT+9:00"
  gateway_type       = "FILE_S3"
}
Parameters
- activation_key - optional, computed - string
- arn - optional, computed - string
- average_download_rate_limit_in_bits_per_sec - optional - number
- average_upload_rate_limit_in_bits_per_sec - optional - number
- cloudwatch_log_group_arn - optional - string
- ec2_instance_id - optional, computed - string
- endpoint_type - optional, computed - string
- gateway_id - optional, computed - string
- gateway_ip_address - optional, computed - string
- gateway_name - required - string
- gateway_network_interface - optional, computed - list of object
    - ipv4_address - string
- gateway_timezone - required - string
- gateway_type - optional - string
- gateway_vpc_endpoint - optional - string
- host_environment - optional, computed - string
- id - optional, computed - string
- medium_changer_type - optional - string
- smb_file_share_visibility - optional - bool
- smb_guest_password - optional - string
- smb_security_strategy - optional, computed - string
- tags - optional - map from string to string
- tape_drive_type - optional - string
- smb_active_directory_settings - list block
    - active_directory_status - optional, computed - string
    - domain_controllers - optional - set of string
    - domain_name - required - string
    - organizational_unit - optional - string
    - password - required - string
    - timeout_in_seconds - optional - number
    - username - required - string
- timeouts - single block
    - create - optional - string
Explanation in Terraform Registry
Manages an AWS Storage Gateway file, tape, or volume gateway in the provider region.
NOTE: The Storage Gateway API requires the gateway to be connected to properly return information after activation. If you are receiving "The specified gateway is not connected" errors during resource creation (gateway activation), ensure your gateway instance meets the Storage Gateway requirements.
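A hardened variant of the usage examples, added here as an illustration and not taken from the Terraform Registry or the GitHub projects this page cites. It uses only parameters from the list above; the variable names, log group name, domain and account name are assumptions.

```hcl
# Added example: all variable names and literal values below are assumptions.
variable "gateway_private_ip" {
  type        = string
  description = "Private IP of the gateway appliance, reachable on port 80 from where Terraform runs"
}

variable "gateway_vpc_endpoint" {
  type        = string
  description = "Address of the Storage Gateway VPC endpoint used for activation"
}

variable "ad_join_password" {
  type      = string
  sensitive = true # redacted in plan output, but still written to state
}

resource "aws_cloudwatch_log_group" "gateway" {
  name              = "/storagegateway/file-gateway" # constructed name
  retention_in_days = 90
}

resource "aws_storagegateway_gateway" "hardened" {
  gateway_name     = "storage-gateway"
  gateway_timezone = "GMT"
  gateway_type     = "FILE_S3"

  # Activate over a private address and a VPC endpoint instead of a public IP.
  gateway_ip_address   = var.gateway_private_ip
  gateway_vpc_endpoint = var.gateway_vpc_endpoint

  # Accept only encrypted SMB sessions (requires SMBv3 clients) and
  # keep the shares out of share listings.
  smb_security_strategy     = "MandatoryEncryption"
  smb_file_share_visibility = false

  # Authenticate SMB users against Active Directory; smb_guest_password is
  # deliberately left unset so no guest access is configured.
  smb_active_directory_settings {
    domain_name = "corp.example.com" # placeholder domain
    username    = "svc-sgw-join"     # placeholder join account
    password    = var.ad_join_password
  }

  # Send gateway events to CloudWatch Logs for monitoring.
  cloudwatch_log_group_arn = aws_cloudwatch_log_group.gateway.arn
}
```

The password and smb_guest_password arguments end up in the Terraform state in plain text, so the state backend needs encryption and tight access control even when the variables are marked sensitive.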
Tips: Best Practices for The Other AWS Amazon S3 Resources
In addition to aws_s3_bucket_public_access_block, AWS Amazon S3 has other resources that should be configured for security reasons. Check the examples and precautions for those resources below.
aws_s3_bucket_public_access_block
Ensure S3 bucket-level Public Access Block restricts public bucket policies
It is better to enable S3 bucket-level Public Access Block if you don't need public buckets.
aws_s3_bucket
Ensure S3 bucket access policy is well configured
It is better to configure the S3 bucket access policy so that access is limited unless wider access is explicitly required.
CloudFormation Example
CloudFormation code does not have the related resource.
Frequently asked questions
What is AWS Amazon S3 Gateway?
AWS Amazon S3 Gateway is a resource for Amazon S3 of Amazon Web Services. Settings can be written in Terraform.
Where can I find the example code for the AWS Amazon S3 Gateway?
For Terraform, the andy-wolf/terraform-modules, niveklabs/aws and EASThyeok/soldeskTEAM1 source code examples are useful. See the Terraform Example section for further details.