AWS S3 bucket Terraform module
Upstream version 5.14.0
7 controls from HIPAA Omnibus Rule 2013 requirements
Terraform Module Source
hipaa.compliance.tf/terraform-aws-modules/s3-bucket/awsBehavioral Summary
This module modifies 4 variable defaults and makes 0 resource changes from the upstream module. All changes are driven by compliance controls and can be reviewed in detail below.
Your Code Impact
If you are migrating from the upstream module, the enforced default changes mean your existing configurations will automatically gain compliance controls. Variables you have explicitly set will continue to use your values. Review the diff below to understand exactly what changes.
Compared to
terraform-aws-modules/s3-bucket/aws@5.14.04 changesVariables Changed
4| Variable | Upstream | CTF | Reason | Control |
|---|---|---|---|---|
| object_lock_enabled | false | true | Ensure that your AWS Simple Storage Service (AWS S3) bucket has lock enabled, by default. | s3_bucket_object_lock_enabled |
| replication_configuration | {} | { "rules": [ { "status": "Enabled" } ] } | AWS Simple Storage Service (AWS S3) Cross-Region Replication (CRR) supports maintaining adequate capacity and availability. | s3_bucket_cross_region_replication_enabled |
| server_side_encryption_configuration | {} | { "rule": { "apply_server_side_encryption_by_defaul... | To help protect data at rest, ensure encryption is enabled for your AWS Simple Storage Service (AWS S3) buckets. | s3_bucket_default_encryption_enabled_kms |
| versioning | {} | { "enabled": "Enabled" } | AWS Simple Storage Service (AWS S3) bucket versioning helps keep multiple variants of an object in the same AWS S3 bucket. | s3_bucket_versioning_enabled |