From 039122cf3dae5950fa528eff934e8568346c0013 Mon Sep 17 00:00:00 2001
From: Jacob Nesbitt <jjnesbitt2@gmail.com>
Date: Tue, 27 Jan 2026 12:33:04 -0500
Subject: [PATCH] Add new bucket and inventory config for log bucket

---
 .../modules/dandiset_bucket/log_bucket.tf     | 28 +++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/terraform/modules/dandiset_bucket/log_bucket.tf b/terraform/modules/dandiset_bucket/log_bucket.tf
index 836e501..77c945d 100644
--- a/terraform/modules/dandiset_bucket/log_bucket.tf
+++ b/terraform/modules/dandiset_bucket/log_bucket.tf
@@ -8,6 +8,34 @@ resource "aws_s3_bucket" "log_bucket" {
   }
 }
 
+# Must use a separate bucket for the inventory files, to prevent "recursion"
+resource "aws_s3_bucket" "log_inventory_bucket" {
+  bucket = "${var.log_bucket_name}-inventory"
+
+  lifecycle {
+    prevent_destroy = true
+  }
+}
+
+# The inventory configuration itself
+resource "aws_s3_bucket_inventory" "log_bucket_inventory" {
+  bucket = aws_s3_bucket.log_bucket.id
+  name   = "LogsWeekly"
+
+  included_object_versions = "All"
+
+  schedule {
+    frequency = "Weekly"
+  }
+
+  destination {
+    bucket {
+      format     = "CSV"
+      bucket_arn = aws_s3_bucket.log_inventory_bucket.arn
+    }
+  }
+}
+
 resource "aws_s3_bucket_server_side_encryption_configuration" "log_bucket" {
   bucket = aws_s3_bucket.log_bucket.id