From 21b2511ec138e26874ec31929bb7cbfbbbf66881 Mon Sep 17 00:00:00 2001
From: Gerard Setho <gerard.setho@quantum.security>
Date: Tue, 6 Jul 2021 15:19:33 +0800
Subject: [PATCH] EN-469: Add versioning_enabled to log S3 bucket (fix)

The _private_s3_logs_ S3 bucket did not have _versioning_
enabled, and TFsec was showing errors because of that.
This fixes that.
---
 modules/aws-s3-private/main.tf | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/modules/aws-s3-private/main.tf b/modules/aws-s3-private/main.tf
index 81851c1..82bdd94 100644
--- a/modules/aws-s3-private/main.tf
+++ b/modules/aws-s3-private/main.tf
@@ -81,6 +81,10 @@ resource "aws_s3_bucket" "private_s3_logs" {
   bucket = local.logging_bucket_name
   acl    = "log-delivery-write"
 
+  versioning {
+    enabled = var.versioning_enabled
+  }
+
   server_side_encryption_configuration {
     rule {
       apply_server_side_encryption_by_default {