From 9f13ace88cc71a8a784a36ec11266388627fc90a Mon Sep 17 00:00:00 2001
From: Jake Howard <git@theorangeone.net>
Date: Sun, 7 Jan 2024 13:49:35 +0000
Subject: [PATCH] Use newer S3 configuration resources

---
 terraform/state.tf | 36 +++++++++++++++++++++++++++++-------
 1 file changed, 29 insertions(+), 7 deletions(-)

diff --git a/terraform/state.tf b/terraform/state.tf
index ecd224e..e630c32 100644
--- a/terraform/state.tf
+++ b/terraform/state.tf
@@ -4,20 +4,42 @@ resource "aws_iam_user" "terraform" {
 
 resource "aws_s3_bucket" "tfstate" {
   bucket = "0rng-terraform"
-  acl    = "private"
+}
 
-  versioning {
-    enabled = true
+resource "aws_s3_bucket_versioning" "tfstate" {
+  bucket = aws_s3_bucket.tfstate.id
+
+  versioning_configuration {
+    status = "Enabled"
   }
+}
 
-  lifecycle_rule {
-    enabled = true
+resource "aws_s3_bucket_server_side_encryption_configuration" "tfstate" {
+  bucket = aws_s3_bucket.tfstate.bucket
 
-    noncurrent_version_expiration {
-      days = 10
+  rule {
+    apply_server_side_encryption_by_default {
+      sse_algorithm = "AES256"
     }
   }
+}
 
+resource "aws_s3_bucket_lifecycle_configuration" "tfstate" {
+  bucket = aws_s3_bucket.tfstate.id
+
+  rule {
+    id     = "Delete old non-current versions"
+    status = "Enabled"
+
+    noncurrent_version_expiration {
+      noncurrent_days = 30
+    }
+  }
+}
+
+resource "aws_s3_bucket_acl" "tfstate" {
+  bucket = aws_s3_bucket.tfstate.id
+  acl    = "private"
 }
 
 resource "aws_iam_user_policy" "modify-terraform-user" {