From 2dbf15a8444fe15cd34bb2891d4a54d26ecab021 Mon Sep 17 00:00:00 2001
From: Erik Stambaugh <erik@erikstambaugh.com>
Date: Sat, 8 Jan 2022 14:21:19 -0800
Subject: [PATCH] Add default bucket level encryption

---
 nextcloud.tf | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/nextcloud.tf b/nextcloud.tf
index 7885959..9d0b1b4 100644
--- a/nextcloud.tf
+++ b/nextcloud.tf
@@ -16,6 +16,16 @@ module "s3_bucket" {
     enabled = false
   }
 
+  server_side_encryption_configuration = {
+    rule = {
+      apply_server_side_encryption_by_default = {
+        sse_algorithm = "AES256"
+      }
+
+      bucket_key_enabled = true
+    }
+  }
+
 }
 
 # https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws/latest