Revert "Optionally output firewall logs to S3 bucket"

ministryofjustice · Sep 24, 2024 · d9275e3 · d9275e3
1 parent 1e939e7
commit d9275e3
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 15 deletions.
diff --git a/terraform/modules/firewall-logging/main.tf b/terraform/modules/firewall-logging/main.tf
@@ -14,16 +14,6 @@ resource "aws_networkfirewall_logging_configuration" "main" {
       log_destination_type = "CloudWatchLogs"
       log_type             = "ALERT"
     }
-    dynamic "log_destination_config" {
-      for_each = var.s3_log_bucket != "" ? toset([var.s3_log_bucket]) : []
-      content {
-        log_destination = {
-          bucketName = log_destination_config.value
-        }
-        log_destination_type = "S3"
-        log_type             = "ALERT"
-      }
-    }
   }
 }
 

diff --git a/terraform/modules/firewall-logging/variables.tf b/terraform/modules/firewall-logging/variables.tf
@@ -7,11 +7,6 @@ variable "fw_arn" {
   description = "ARN of firewall for logging configuration"
   type        = string
 }
-variable "s3_log_bucket" {
-  description = "Optional ARN of an S3 bucket to ship logs to"
-  default     = ""
-  type        = string
-}
 
 variable "tags" {
   description = "A map of keys and values used to create resource metadata tags"