From de631846f4d3fcb3454227872d419407e2b47d33 Mon Sep 17 00:00:00 2001
From: shivawandb <167111773+shivawandb@users.noreply.github.com>
Date: Fri, 17 Jan 2025 14:23:03 -0800
Subject: [PATCH] fix: S3 bucket force destroy (#324)
* fix: S3 bucket force destroy
* fix: S3 bucket force destroy
* fix: S3 bucket force destroy
* fix: S3 bucket force destroy
---
 main.tf | 9 +++++----
 modules/networking/main.tf | 6 +++---
 modules/networking/variables.tf | 6 ++++++
 variables.tf | 6 ++++++
 4 files changed, 20 insertions(+), 7 deletions(-)
diff --git a/main.tf b/main.tf
index eadaac2da..1c00ade64 100644
--- a/main.tf
+++ b/main.tf
@@ -44,10 +44,11 @@ locals {
 }
 module "networking" {
- source = "./modules/networking"
- namespace = var.namespace
- create_vpc = var.create_vpc
- enable_flow_log = var.enable_flow_log
+ source = "./modules/networking"
+ namespace = var.namespace
+ create_vpc = var.create_vpc
+ enable_flow_log = var.enable_flow_log
+ keep_flow_log_bucket = var.keep_flow_log_bucket
 cidr = var.network_cidr
 private_subnet_cidrs = var.network_private_subnet_cidrs
diff --git a/modules/networking/main.tf b/modules/networking/main.tf
index 2e0fad341..3c57eba4a 100644
--- a/modules/networking/main.tf
+++ b/modules/networking/main.tf
@@ -59,7 +59,7 @@ resource "aws_flow_log" "vpc_flow_logs" {
 }
 resource "aws_s3_bucket" "flow_log" {
- count = var.create_vpc && var.enable_flow_log ? 1 : 0
-
- bucket = "${var.namespace}-vpc-flow-logs"
+ count = (var.create_vpc && var.enable_flow_log) || var.keep_flow_log_bucket ? 1 : 0
+ bucket = "${var.namespace}-vpc-flow-logs"
+ force_destroy = true
 }
\ No newline at end of file
diff --git a/modules/networking/variables.tf b/modules/networking/variables.tf
index 5a7ae58c5..facb8ac39 100644
--- a/modules/networking/variables.tf
+++ b/modules/networking/variables.tf
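Review bot: In modules/networking/main.tf, `force_destroy = true` is hard-coded on `aws_s3_bucket.flow_log`, so any destroy of that resource deletes every stored flow-log object; this covers a full `terraform destroy` as well as the `count` expression dropping to 0 once `keep_flow_log_bucket` is set to false with flow logs disabled. Before this change the destroy failed on a non-empty bucket, which also acted as a guard against losing the logs by accident. VPC flow logs are commonly retained as audit and incident-response evidence, so I would make the behaviour opt-in, for example `force_destroy = var.flow_log_bucket_force_destroy` backed by a new bool variable (name is a suggestion) with `default = false`. A comment above the `count` line such as `# keep_flow_log_bucket retains the bucket and its logs after flow logs are disabled` would make the intent of the OR clause clear.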
@@ -73,4 +73,10 @@ variable "enable_flow_log" {
 description = "Controls whether VPC Flow Logs are enabled"
 type = bool
 default = false
+}
+
+variable "keep_flow_log_bucket" {
+ description = "Controls whether S3 bucket storing VPC Flow Logs will be kept"
+ type = bool
+ default = true
 }
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index 7cd309d39..f24d9ed83 100644
--- a/variables.tf
+++ b/variables.tf
@@ -220,6 +220,12 @@ variable "enable_flow_log" {
 default = false
 }
+variable "keep_flow_log_bucket" {
+ description = "Controls whether S3 bucket storing VPC Flow Logs will be kept"
+ type = bool
+ default = true
+}
+
 variable "network_id" {
 default = ""
 description = "The identity of the VPC in which resources will be deployed."
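Review bot: `keep_flow_log_bucket` is declared with `default = true` in both modules/networking/variables.tf and the root variables.tf, and the new `count` expression in modules/networking/main.tf ORs it in, so a deployment with `create_vpc = false` or `enable_flow_log = false` now gets a `${var.namespace}-vpc-flow-logs` bucket it did not have before. If the goal is only to retain an existing bucket after flow logs are switched off, `default = false` would keep current behaviour for everyone else. Either way the description should state the consequence, e.g. `description = "Keep the VPC Flow Logs S3 bucket even when flow logs or VPC creation are disabled. Setting this to false while flow logs are disabled destroys the bucket and its contents."`.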