Added GCS notification support (#335)
* Added GCS notification support * fixed notification output indices * merged vars and added more conditional validation * Terraform linting * Added sa_email serviceAccount variable * Fixed bool check and use try in notification var * Fixed typo source path example block * Fixed assert number tftest gcs example
@@ -1,9 +1,4 @@
|
||||
# Google Cloud Storage Module
|
||||
|
||||
## TODO
|
||||
|
||||
- [ ] add support for defining [notifications](https://www.terraform.io/docs/providers/google/r/storage_notification.html)
|
||||
|
||||
## Example
|
||||
|
||||
```hcl
|
||||
@@ -93,6 +88,24 @@ module "bucket" {
|
||||
}
|
||||
# tftest:modules=1:resources=2
|
||||
```
|
||||
### Minimal example with GCS notifications
|
||||
```hcl
|
||||
module "bucket-gcs-notification" {
|
||||
source = "./modules/gcs"
|
||||
project_id = "myproject"
|
||||
prefix = "test"
|
||||
name = "my-bucket"
|
||||
notification_config = {
|
||||
enabled = true
|
||||
payload_format = "JSON_API_V1"
|
||||
sa_email = "service-<project-number>@gs-project-accounts.iam.gserviceaccount.com" # GCS SA email must be passed or fetched from projects module.
|
||||
topic_name = "gcs-notification-topic"
|
||||
event_types = ["OBJECT_FINALIZE"]
|
||||
custom_attributes = {}
|
||||
}
|
||||
}
|
||||
# tftest:modules=1:resources=4
|
||||
```
|
||||
|
||||
<!-- BEGIN TFDOC -->
|
||||
## Variables
|
||||
@@ -109,6 +122,7 @@ module "bucket" {
|
||||
| *lifecycle_rule* | Bucket lifecycle rule | <code title="object({ action = object({ type = string storage_class = string }) condition = object({ age = number created_before = string with_state = string matches_storage_class = list(string) num_newer_versions = string custom_time_before = string days_since_custom_time = string days_since_noncurrent_time = string noncurrent_time_before = string }) })">object({...})</code> | | <code title="">null</code> |
|
||||
| *location* | Bucket location. | <code title="">string</code> | | <code title="">EU</code> |
|
||||
| *logging_config* | Bucket logging configuration. | <code title="object({ log_bucket = string log_object_prefix = string })">object({...})</code> | | <code title="">null</code> |
|
||||
| *notification_config* | GCS Notification configuration. | <code title="object({ enabled = bool payload_format = string topic_name = string sa_email = string event_types = list(string) custom_attributes = map(string) })">object({...})</code> | | <code title="">null</code> |
|
||||
| *prefix* | Prefix used to generate the bucket name. | <code title="">string</code> | | <code title="">null</code> |
|
||||
| *retention_policy* | Bucket retention policy. | <code title="object({ retention_period = number is_locked = bool })">object({...})</code> | | <code title="">null</code> |
|
||||
| *storage_class* | Bucket storage class. | <code title="">string</code> | | <code title="MULTI_REGIONAL validation { condition = contains(["STANDARD", "MULTI_REGIONAL", "REGIONAL", "NEARLINE", "COLDLINE", "ARCHIVE"], var.storage_class) error_message = "Storage class must be one of STANDARD, MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, ARCHIVE." }">...</code> |
|
||||
@@ -122,5 +136,7 @@ module "bucket" {
|
||||
|---|---|:---:|
|
||||
| bucket | Bucket resource. | |
|
||||
| name | Bucket name. | |
|
||||
| notification | GCS Notification self link. | |
|
||||
| topic | Topic ID used by GCS. | |
|
||||
| url | Bucket URL. | |
|
||||
<!-- END TFDOC -->
|
||||
|
||||
@@ -20,6 +20,7 @@ locals {
|
||||
? ""
|
||||
: join("-", [var.prefix, lower(var.location), ""])
|
||||
)
|
||||
notification = try(var.notification_config.enabled, false)
|
||||
}
|
||||
|
||||
resource "google_storage_bucket" "bucket" {
|
||||
@@ -105,3 +106,23 @@ resource "google_storage_bucket_iam_binding" "bindings" {
|
||||
role = each.key
|
||||
members = each.value
|
||||
}
|
||||
|
||||
resource "google_storage_notification" "notification" {
|
||||
count = local.notification ? 1 : 0
|
||||
bucket = google_storage_bucket.bucket.name
|
||||
payload_format = var.notification_config.payload_format
|
||||
topic = google_pubsub_topic.topic[0].id
|
||||
event_types = var.notification_config.event_types
|
||||
custom_attributes = var.notification_config.custom_attributes
|
||||
}
|
||||
resource "google_pubsub_topic_iam_binding" "binding" {
|
||||
count = local.notification ? 1 : 0
|
||||
topic = google_pubsub_topic.topic[0].id
|
||||
role = "roles/pubsub.publisher"
|
||||
members = ["serviceAccount:${var.notification_config.sa_email}"]
|
||||
}
|
||||
resource "google_pubsub_topic" "topic" {
|
||||
count = local.notification ? 1 : 0
|
||||
project = var.project_id
|
||||
name = var.notification_config.topic_name
|
||||
}
|
||||
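Review bot: `google_storage_notification.notification` has no dependency on the publisher grant, so Terraform may try to create the notification before the GCS service account can publish to the topic, and that create call is expected to fail without the permission. The resource references only the topic ID, so an explicit `depends_on = [google_pubsub_topic_iam_binding.binding]` is needed inside the notification block. Separately, `google_pubsub_topic_iam_binding` is authoritative for `roles/pubsub.publisher` on the topic, so any publisher granted outside this module is removed on the next apply. If only this one grant is intended, `google_pubsub_topic_iam_member` with `member = "serviceAccount:${var.notification_config.sa_email}"` adds it without taking ownership of the whole role.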
@@ -23,7 +23,14 @@ output "name" {
|
||||
description = "Bucket name."
|
||||
value = google_storage_bucket.bucket.name
|
||||
}
|
||||
|
||||
output "notification" {
|
||||
description = "GCS Notification self link."
|
||||
value = local.notification == true ? google_storage_notification.notification[0].self_link : null
|
||||
}
|
||||
output "topic" {
|
||||
description = "Topic ID used by GCS."
|
||||
value = local.notification == true ? google_pubsub_topic.topic[0].id : null
|
||||
}
|
||||
output "url" {
|
||||
description = "Bucket URL."
|
||||
value = google_storage_bucket.bucket.url
|
||||
|
||||
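Review bot: Both new outputs test the flag as `local.notification == true`, while the resources added in this commit use the same local directly in `count = local.notification ? 1 : 0`. The local is already a bool from `try(var.notification_config.enabled, false)`, so the comparison is redundant. `value = local.notification ? google_storage_notification.notification[0].self_link : null` reads the same as the resource blocks, and likewise for `topic`.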
@@ -91,6 +91,18 @@ variable "name" {
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "notification_config" {
|
||||
description = "GCS Notification configuration."
|
||||
type = object({
|
||||
enabled = bool
|
||||
payload_format = string
|
||||
topic_name = string
|
||||
sa_email = string
|
||||
event_types = list(string)
|
||||
custom_attributes = map(string)
|
||||
})
|
||||
default = null
|
||||
}
|
||||
variable "prefix" {
|
||||
description = "Prefix used to generate the bucket name."
|
||||
type = string
|
||||
|
||||
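Review bot: `notification_config` is declared without a `validation` block, although `sa_email` is interpolated directly into the `roles/pubsub.publisher` member in this commit and the module already validates `storage_class` this way. As written, any service account address, or a malformed string, can be passed and is granted publish rights on the topic. A check that the value has the GCS service account form shown in the README example would catch mistakes at plan time, e.g. `condition = try(can(regex("@gs-project-accounts\\.iam\\.gserviceaccount\\.com$", var.notification_config.sa_email)), true)`; the outer `try` keeps the `null` default valid. The variable's description could also state that `sa_email` must be the project's GCS service account, since that requirement is only mentioned in a README comment.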