Add bucket logging (#134)

* Add logging

* Improve syntax

* Add example

* Improve type for retention policy

modules/gcs/README.md

@@ -73,7 +73,12 @@ module "buckets" {
 
   retention_policies = {
     bucket-one = { retention_period = 100 , is_locked = true}
-    bucket-two = { retention_period = 900 }
+    bucket-two = { retention_period = 900 , is_locked = false}
+  }
+
+  logging_config = {
+    bucket-one = { log_bucket = bucket_name_for_logging , log_object_prefix = null}
+    bucket-two = { log_bucket = bucket_name_for_logging , log_object_prefix = "logs_for_bucket_two"}
   }
 }
 ```
@@ -92,8 +97,9 @@ module "buckets" {
 | *iam_roles* | IAM roles keyed by bucket name. | <code title="map&#40;list&#40;string&#41;&#41;">map(list(string))</code> |  | <code title="">{}</code> |
 | *labels* | Labels to be attached to all buckets. | <code title="map&#40;string&#41;">map(string)</code> |  | <code title="">{}</code> |
 | *location* | Bucket location. | <code title="">string</code> |  | <code title="">EU</code> |
+| *logging* | Per-bucket logging. | <code title="map&#40;map&#40;string&#41;&#41;">map(object)</code> |  | <code title="">{}</code> |
 | *prefix* | Prefix used to generate the bucket name. | <code title="">string</code> |  | <code title="">null</code> |
-| *retention_policies* | Per-bucket retention policy. | <code title="map&#40;map&#40;string&#41;&#41;">map(map(string))</code> |  | <code title="">{}</code> |
+| *retention_policies* | Per-bucket retention policy. | <code title="map&#40;map&#40;string&#41;&#41;">map(object)</code> |  | <code title="">{}</code> |
 | *storage_class* | Bucket storage class. | <code title="">string</code> |  | <code title="">MULTI_REGIONAL</code> |
 | *versioning* | Optional map to set versioning keyed by name, defaults to false. | <code title="map&#40;bool&#41;">map(bool)</code> |  | <code title="">{}</code> |
 

modules/gcs/main.tf

@@ -38,6 +38,7 @@ locals {
   )
   kms_keys = { for name in var.names : name => lookup(var.encryption_keys, name, null) }
   retention_policy = { for name in var.names : name => lookup(var.retention_policies, name, null) }
+  logging_config = { for name in var.names : name => lookup(var.logging_config, name, null) }
 }
 
 resource "google_storage_bucket" "buckets" {
@@ -69,7 +70,15 @@ resource "google_storage_bucket" "buckets" {
     for_each = local.retention_policy[each.key] == null ? [] : [""]
     content {
       retention_period = local.retention_policy[each.key]["retention_period"]
-      is_locked = lookup(local.retention_policy[each.key], "is_locked", false)
+      is_locked = local.retention_policy[each.key]["is_locked"]
+    }
+  }
+
+  dynamic logging {
+    for_each = local.logging_config[each.key] == null ? [] : [""]
+    content {
+      log_bucket = local.logging_config[each.key]["log_bucket"]
+      log_object_prefix = local.logging_config[each.key]["log_object_prefix"]
     }
   }
 }

modules/gcs/variables.tf

@@ -86,6 +86,18 @@ variable "versioning" {
 
 variable "retention_policies" {
   description = "Per-bucket retention policy."
-  type        = map(map(string))
+  type = map(object({
+  		retention_period = number
+		is_locked        = bool
+	}))
+  default     = {}
+}
+
+variable "logging_config" {
+  description = "Per-bucket logging."
+  type = map(object({
+  		log_bucket = string
+  		log_object_prefix = string
+	}))
   default     = {}
 }