From 32cade87c8c19f6cafdc99e186c012b04ddefe20 Mon Sep 17 00:00:00 2001 From: Mike VanDenburgh Date: Mon, 9 Sep 2024 14:13:07 -0400 Subject: [PATCH] Enable trailing delete in production --- terraform/modules/dandiset_bucket/main.tf | 4 ++-- terraform/modules/dandiset_bucket/variables.tf | 7 ------- terraform/sponsored_bucket.tf | 2 -- terraform/staging_bucket.tf | 2 -- 4 files changed, 2 insertions(+), 13 deletions(-) diff --git a/terraform/modules/dandiset_bucket/main.tf b/terraform/modules/dandiset_bucket/main.tf index 3143fc1..a485ce0 100644 --- a/terraform/modules/dandiset_bucket/main.tf +++ b/terraform/modules/dandiset_bucket/main.tf @@ -283,7 +283,7 @@ data "aws_iam_policy_document" "dandiset_bucket_policy" { } dynamic "statement" { - for_each = var.trailing_delete ? [1] : [] + for_each = var.versioning ? [1] : [] content { sid = "PreventDeletionOfObjectVersions" @@ -313,7 +313,7 @@ resource "aws_s3_bucket_lifecycle_configuration" "expire_deleted_objects" { # Must have bucket versioning enabled first depends_on = [aws_s3_bucket_versioning.dandiset_bucket] - count = var.trailing_delete ? 1 : 0 + count = var.versioning ? 1 : 0 bucket = aws_s3_bucket.dandiset_bucket.id diff --git a/terraform/modules/dandiset_bucket/variables.tf b/terraform/modules/dandiset_bucket/variables.tf index b6dc9ad..0eaf7db 100644 --- a/terraform/modules/dandiset_bucket/variables.tf +++ b/terraform/modules/dandiset_bucket/variables.tf @@ -34,10 +34,3 @@ variable "log_bucket_name" { type = string description = "The name of the log bucket." } - -# TODO: this can be inferred from the "versioning" variable once we're ready -# to deploy this to the production bucket as well. -variable "trailing_delete" { - type = bool - description = "Whether or not trailing delete should be enabled on the bucket." -} diff --git a/terraform/sponsored_bucket.tf b/terraform/sponsored_bucket.tf index a1d32ce..3a58675 100644 --- a/terraform/sponsored_bucket.tf +++ b/terraform/sponsored_bucket.tf @@ -3,7 +3,6 @@ module "sponsored_dandiset_bucket" { bucket_name = "dandiarchive" public = true versioning = true - trailing_delete = false allow_cross_account_heroku_put_object = true heroku_user = data.aws_iam_user.api log_bucket_name = "dandiarchive-logs" @@ -17,7 +16,6 @@ module "sponsored_embargo_bucket" { source = "./modules/dandiset_bucket" bucket_name = "dandiarchive-embargo" versioning = false - trailing_delete = false heroku_user = data.aws_iam_user.api log_bucket_name = "dandiarchive-embargo-logs" providers = { diff --git a/terraform/staging_bucket.tf b/terraform/staging_bucket.tf index b6ceeea..c0481d6 100644 --- a/terraform/staging_bucket.tf +++ b/terraform/staging_bucket.tf @@ -3,7 +3,6 @@ module "staging_dandiset_bucket" { bucket_name = "dandi-api-staging-dandisets" public = true versioning = true - trailing_delete = true allow_heroku_put_object = true heroku_user = data.aws_iam_user.api_staging log_bucket_name = "dandi-api-staging-dandiset-logs" @@ -17,7 +16,6 @@ module "staging_embargo_bucket" { source = "./modules/dandiset_bucket" bucket_name = "dandi-api-staging-embargo-dandisets" versioning = false - trailing_delete = false heroku_user = data.aws_iam_user.api_staging log_bucket_name = "dandi-api-staging-embargo-dandisets-logs" providers = {