Merge pull request #1 from danbarr:add-security-requirements

Add encryption and versioning configs

Author: danbarr

README.md

@@ -36,6 +36,8 @@ No modules.
 | [aws_s3_bucket_ownership_controls.www_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls) | resource |
 | [aws_s3_bucket_policy.www_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
 | [aws_s3_bucket_public_access_block.www_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
+| [aws_s3_bucket_server_side_encryption_configuration.www_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration) | resource |
+| [aws_s3_bucket_versioning.www_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_versioning) | resource |
 | [aws_s3_bucket_website_configuration.www_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_website_configuration) | resource |
 | [aws_s3_object.images](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource |
 | [aws_s3_object.index](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource |

main.tf

@@ -77,6 +77,22 @@ data "aws_iam_policy_document" "s3_public_access_policy" {
   }
 }
 
+resource "aws_s3_bucket_server_side_encryption_configuration" "www_bucket" {
+  bucket = aws_s3_bucket.www_bucket.id
+  rule {
+    apply_server_side_encryption_by_default {
+      sse_algorithm = "AES256"
+    }
+  }
+}
+
+resource "aws_s3_bucket_versioning" "www_bucket" {
+  bucket = aws_s3_bucket.www_bucket.id
+  versioning_configuration {
+    status = "Enabled"
+  }
+}
+
 resource "random_integer" "product" {
   min = 0
   max = length(local.hashi_products) - 1