Resource: aws_glacier_vault_lock

Manages a Glacier Vault Lock. You can refer to the Glacier Developer Guide for a full explanation of the Glacier Vault Lock functionality.

Example Usage

Testing Glacier Vault Lock Policy

resource "aws_glacier_vault" "example" {
  name = "example"
}

data "aws_iam_policy_document" "example" {
  statement {
    actions   = ["glacier:DeleteArchive"]
    effect    = "Deny"
    resources = [aws_glacier_vault.example.arn]

    condition {
      test     = "NumericLessThanEquals"
      variable = "glacier:ArchiveAgeinDays"
      values   = ["365"]
    }
  }
}

resource "aws_glacier_vault_lock" "example" {
  complete_lock = false
  policy        = data.aws_iam_policy_document.example.json
  vault_name    = aws_glacier_vault.example.name
}

Permanently Applying Glacier Vault Lock Policy

resource "aws_glacier_vault_lock" "example" {
  complete_lock = true
  policy        = data.aws_iam_policy_document.example.json
  vault_name    = aws_glacier_vault.example.name
}

Argument Reference

This resource supports the following arguments:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import Glacier Vault Locks using the Glacier Vault name. For example:

import {
  to = aws_glacier_vault_lock.example
  id = "example-vault"
}

Using terraform import, import Glacier Vault Locks using the Glacier Vault name. For example:

% terraform import aws_glacier_vault_lock.example example-vault