diff --git a/modules/gcs/README.md b/modules/gcs/README.md
index d35d28ea9..3ea52db68 100644
--- a/modules/gcs/README.md
+++ b/modules/gcs/README.md
@@ -178,26 +178,29 @@ module "bucket" {
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
-| [name](variables.tf#L146) | Bucket name suffix. | string | ✓ | |
-| [project_id](variables.tf#L201) | Bucket project id. | string | ✓ | |
+| [name](variables.tf#L158) | Bucket name suffix. | string | ✓ | |
+| [project_id](variables.tf#L213) | Bucket project id. | string | ✓ | |
| [cors](variables.tf#L17) | CORS configuration for the bucket. Defaults to null. | object({…}) | | null |
-| [encryption_key](variables.tf#L28) | KMS key that will be used for encryption. | string | | null |
-| [force_destroy](variables.tf#L34) | Optional map to set force destroy keyed by name, defaults to false. | bool | | false |
-| [iam](variables.tf#L40) | IAM bindings in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} |
-| [iam_bindings](variables.tf#L46) | Authoritative IAM bindings in {KEY => {role = ROLE, members = [], condition = {}}}. Keys are arbitrary. | map(object({…})) | | {} |
-| [iam_bindings_additive](variables.tf#L61) | Individual additive IAM bindings. Keys are arbitrary. | map(object({…})) | | {} |
-| [labels](variables.tf#L76) | Labels to be attached to all buckets. | map(string) | | {} |
-| [lifecycle_rules](variables.tf#L82) | Bucket lifecycle rule. | map(object({…})) | | {} |
-| [location](variables.tf#L131) | Bucket location. | string | | "EU" |
-| [logging_config](variables.tf#L137) | Bucket logging configuration. | object({…}) | | null |
-| [notification_config](variables.tf#L151) | GCS Notification configuration. | object({…}) | | null |
-| [objects_to_upload](variables.tf#L165) | Objects to be uploaded to bucket. | map(object({…})) | | {} |
-| [prefix](variables.tf#L191) | Optional prefix used to generate the bucket name. | string | | null |
-| [retention_policy](variables.tf#L206) | Bucket retention policy. | object({…}) | | null |
-| [storage_class](variables.tf#L215) | Bucket storage class. | string | | "MULTI_REGIONAL" |
-| [uniform_bucket_level_access](variables.tf#L225) | Allow using object ACLs (false) or not (true, this is the recommended behavior) , defaults to true (which is the recommended practice, but not the behavior of storage API). | bool | | true |
-| [versioning](variables.tf#L231) | Enable versioning, defaults to false. | bool | | false |
-| [website](variables.tf#L237) | Bucket website. | object({…}) | | null |
+| [custom_placement_config](variables.tf#L28) | The bucket's custom location configuration, which specifies the individual regions that comprise a dual-region bucket. If the bucket is designated as REGIONAL or MULTI_REGIONAL, the parameters are empty. | list(string) | | null |
+| [default_event_based_hold](variables.tf#L34) | Enable event based hold to new objects added to specific bucket, defaults to false. | bool | | null |
+| [encryption_key](variables.tf#L40) | KMS key that will be used for encryption. | string | | null |
+| [force_destroy](variables.tf#L46) | Optional map to set force destroy keyed by name, defaults to false. | bool | | false |
+| [iam](variables.tf#L52) | IAM bindings in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} |
+| [iam_bindings](variables.tf#L58) | Authoritative IAM bindings in {KEY => {role = ROLE, members = [], condition = {}}}. Keys are arbitrary. | map(object({…})) | | {} |
+| [iam_bindings_additive](variables.tf#L73) | Individual additive IAM bindings. Keys are arbitrary. | map(object({…})) | | {} |
+| [labels](variables.tf#L88) | Labels to be attached to all buckets. | map(string) | | {} |
+| [lifecycle_rules](variables.tf#L94) | Bucket lifecycle rule. | map(object({…})) | | {} |
+| [location](variables.tf#L143) | Bucket location. | string | | "EU" |
+| [logging_config](variables.tf#L149) | Bucket logging configuration. | object({…}) | | null |
+| [notification_config](variables.tf#L163) | GCS Notification configuration. | object({…}) | | null |
+| [objects_to_upload](variables.tf#L177) | Objects to be uploaded to bucket. | map(object({…})) | | {} |
+| [prefix](variables.tf#L203) | Optional prefix used to generate the bucket name. | string | | null |
+| [requester_pays](variables.tf#L218) | Enables Requester Pays on a storage bucket. | bool | | null |
+| [retention_policy](variables.tf#L224) | Bucket retention policy. | object({…}) | | null |
+| [storage_class](variables.tf#L233) | Bucket storage class. | string | | "MULTI_REGIONAL" |
+| [uniform_bucket_level_access](variables.tf#L243) | Allow using object ACLs (false) or not (true, this is the recommended behavior) , defaults to true (which is the recommended practice, but not the behavior of storage API). | bool | | true |
+| [versioning](variables.tf#L249) | Enable versioning, defaults to false. | bool | | false |
+| [website](variables.tf#L255) | Bucket website. | object({…}) | | null |
## Outputs
diff --git a/modules/gcs/main.tf b/modules/gcs/main.tf
index 4ad9434af..bd1a4429c 100644
--- a/modules/gcs/main.tf
+++ b/modules/gcs/main.tf
@@ -27,6 +27,8 @@ resource "google_storage_bucket" "bucket" {
force_destroy = var.force_destroy
uniform_bucket_level_access = var.uniform_bucket_level_access
labels = var.labels
+ default_event_based_hold = var.default_event_based_hold
+ requester_pays = var.requester_pays
versioning {
enabled = var.versioning
}
@@ -97,6 +99,14 @@ resource "google_storage_bucket" "bucket" {
}
}
}
+
+ dynamic "custom_placement_config" {
+ for_each = var.custom_placement_config == null ? [] : [""]
+
+ content {
+ data_locations = var.custom_placement_config
+ }
+ }
}
resource "google_storage_bucket_object" "objects" {
diff --git a/modules/gcs/variables.tf b/modules/gcs/variables.tf
index 253b5570f..2579c09cd 100644
--- a/modules/gcs/variables.tf
+++ b/modules/gcs/variables.tf
@@ -25,6 +25,18 @@ variable "cors" {
default = null
}
+variable "custom_placement_config" {
+ type = list(string)
+ default = null
+ description = "The bucket's custom location configuration, which specifies the individual regions that comprise a dual-region bucket. If the bucket is designated as REGIONAL or MULTI_REGIONAL, the parameters are empty."
+}
+
+variable "default_event_based_hold" {
+ description = "Enable event based hold to new objects added to specific bucket, defaults to false."
+ type = bool
+ default = null
+}
+
variable "encryption_key" {
description = "KMS key that will be used for encryption."
type = string
@@ -203,6 +215,12 @@ variable "project_id" {
type = string
}
+variable "requester_pays" {
+ description = "Enables Requester Pays on a storage bucket."
+ type = bool
+ default = null
+}
+
variable "retention_policy" {
description = "Bucket retention policy."
type = object({