AWS Amazon S3 Gateway
This page shows how to write Terraform for Amazon S3 Gateway and how to write it securely.
aws_storagegateway_gateway (Terraform)
The Gateway in Amazon S3 can be configured in Terraform with the resource name aws_storagegateway_gateway. The following sections describe 3 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_storagegateway_gateway" "this" {
  gateway_ip_address = var.gateway_ip
  gateway_name       = "storage-gateway"
  gateway_timezone   = "GMT"
  gateway_type       = "FILE_S3"
}

resource "aws_storagegateway_gateway" "this" {
  activation_key                              = var.activation_key
  average_download_rate_limit_in_bits_per_sec = var.average_download_rate_limit_in_bits_per_sec
  average_upload_rate_limit_in_bits_per_sec   = var.average_upload_rate_limit_in_bits_per_sec
  cloudwatch_log_group_arn                    = var.cloudwatch_log_group_arn
  gateway_ip_address                          = var.gateway_ip_address
  # Excerpt ends here; the required gateway_name and gateway_timezone arguments are not shown.
}

resource "aws_storagegateway_gateway" "storage-gateway" {
  # Activation is performed against the EC2 instance's public IP address.
  gateway_ip_address = aws_instance.ec2-FileGateway.public_ip
  gateway_name       = "storage-gateway"
  gateway_timezone   = "GMT+9:00"
  gateway_type       = "FILE_S3"
}
Parameters
- activation_key: optional computed - string
- arn: optional computed - string
- average_download_rate_limit_in_bits_per_sec: optional - number
- average_upload_rate_limit_in_bits_per_sec: optional - number
- cloudwatch_log_group_arn: optional - string
- ec2_instance_id: optional computed - string
- endpoint_type: optional computed - string
- gateway_id: optional computed - string
- gateway_ip_address: optional computed - string
- gateway_name: required - string
- gateway_network_interface: optional computed - list of object
  - ipv4_address: string
- gateway_timezone: required - string
- gateway_type: optional - string
- gateway_vpc_endpoint: optional - string
- host_environment: optional computed - string
- id: optional computed - string
- medium_changer_type: optional - string
- smb_file_share_visibility: optional - bool
- smb_guest_password: optional - string
- smb_security_strategy: optional computed - string
- tags: optional - map from string to string
- tape_drive_type: optional - string
- smb_active_directory_settings: list block
  - active_directory_status: optional computed - string
  - domain_controllers: optional - set of string
  - domain_name: required - string
  - organizational_unit: optional - string
  - password: required - string
  - timeout_in_seconds: optional - number
  - username: required - string
- timeouts: single block
  - create: optional - string
Explanation in Terraform Registry
Manages an AWS Storage Gateway file, tape, or volume gateway in the provider region.
NOTE: The Storage Gateway API requires the gateway to be connected to properly return information after activation. If you are receiving "The specified gateway is not connected" errors during resource creation (gateway activation), ensure your gateway instance meets the Storage Gateway requirements.
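A hardened variant of the usage examples above, added here as an illustration and not taken from the original page or from the GitHub projects it cites; it uses only arguments from the parameter list. The variable names, domain name, user name and tag are assumptions made for the example.

```hcl
# Added example: security-relevant arguments of aws_storagegateway_gateway.
# All variable names below are hypothetical.
variable "gateway_private_ip" {
  type = string # private address of the gateway VM, reachable from where Terraform runs
}

variable "vpc_endpoint_address" {
  type = string # address of a Storage Gateway VPC endpoint (assumed to exist already)
}

variable "log_group_arn" {
  type = string # CloudWatch Logs group that receives gateway events
}

variable "ad_join_password" {
  type      = string
  sensitive = true # redacted in plan output, but still written to state: protect the state backend
}

resource "aws_storagegateway_gateway" "hardened" {
  gateway_name     = "storage-gateway"
  gateway_timezone = "GMT"
  gateway_type     = "FILE_S3"

  # Activate over a private address and a VPC endpoint instead of a public IP.
  gateway_ip_address   = var.gateway_private_ip
  gateway_vpc_endpoint = var.vpc_endpoint_address

  # Send gateway events to CloudWatch Logs.
  cloudwatch_log_group_arn = var.log_group_arn

  # Require encrypted SMB sessions and hide shares from share listings.
  smb_security_strategy     = "MandatoryEncryption"
  smb_file_share_visibility = false

  # Authenticate SMB clients against Active Directory; smb_guest_password stays unset.
  smb_active_directory_settings {
    domain_name = "corp.example.com" # constructed value
    username    = "svc-sgw-join"     # constructed value
    password    = var.ad_join_password
  }

  tags = {
    Purpose = "file-gateway" # constructed value
  }
}
```

The `password` argument is stored in Terraform state even when the variable is marked sensitive, so the state backend needs encryption and restricted access.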
Tips: Best Practices for The Other AWS Amazon S3 Resources
In addition to aws_s3_bucket_public_access_block, Amazon S3 has other resources that should be configured for security reasons. Review the following examples of those resources and the related precautions.
aws_s3_bucket_public_access_block
Ensure S3 bucket-level Public Access Block restricts public bucket policies
It is better to enable S3 bucket-level Public Access Block if you don't need public buckets.
aws_s3_bucket
Ensure S3 bucket access policy is well configured
It is better to configure the S3 bucket access policy so that it limits access, unless broader access is explicitly required.
CloudFormation Example
CloudFormation does not have a related resource.
Frequently asked questions
What is AWS Amazon S3 Gateway?
AWS Amazon S3 Gateway is a resource for Amazon S3 of Amazon Web Services. Settings can be written in Terraform.
Where can I find the example code for the AWS Amazon S3 Gateway?
For Terraform, the andy-wolf/terraform-modules, niveklabs/aws and EASThyeok/soldeskTEAM1 source code examples are useful. See the Terraform Example section for further details.