kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9e32b32b3db6f5b8833af9d2606fb1a2d7f7ad40
hunfabric/modules/gcs
History
Ludovico Magnocavallo 9e32b32b3d reformat GCS module and update README
2020-09-03 19:08:29 +02:00
..
main.tf
reformat GCS module and update README
2020-09-03 19:08:29 +02:00
outputs.tf
Merge development branch (#44)
2020-04-03 14:06:48 +02:00
README.md
reformat GCS module and update README
2020-09-03 19:08:29 +02:00
variables.tf
reformat GCS module and update README
2020-09-03 19:08:29 +02:00
versions.tf
Merge development branch (#44)
2020-04-03 14:06:48 +02:00

README.md

Google Cloud Storage Module

TODO

Example

module "buckets" {
  source     = "./modules/gcs"
  project_id = "myproject"
  prefix     = "test"
  names      = ["bucket-one", "bucket-two"]
  bucket_policy_only = {
    bucket-one = false
  }
  iam_members = {
    bucket-two = {
      "roles/storage.admin" = ["group:storage@example.com"]
    }
  }
  iam_roles = {
    bucket-two = ["roles/storage.admin"]
  }
}

Example with Cloud KMS

module "buckets" {
  source     = "./modules/gcs"
  project_id = "myproject"
  prefix     = "test"
  names      = ["bucket-one", "bucket-two"]
  bucket_policy_only = {
    bucket-one = false
  }
  iam_members = {
    bucket-two = {
      "roles/storage.admin" = ["group:storage@example.com"]
    }
  }
  iam_roles = {
    bucket-two = ["roles/storage.admin"]
  }
  encryption_keys = {
    bucket-two = local.kms_key.self_link,
  }
}

Example with retention policy

module "buckets" {
  source     = "./modules/gcs"
  project_id = "myproject"
  prefix     = "test"
  names      = ["bucket-one", "bucket-two"]
  bucket_policy_only = {
    bucket-one = false
  }
  iam_members = {
    bucket-two = {
      "roles/storage.admin" = ["group:storage@example.com"]
    }
  }
  iam_roles = {
    bucket-two = ["roles/storage.admin"]
  }

  retention_policies = {
    bucket-one = { retention_period = 100 , is_locked = true}
    bucket-two = { retention_period = 900 , is_locked = false}
  }

  logging_config = {
    bucket-one = { log_bucket = bucket_name_for_logging , log_object_prefix = null}
    bucket-two = { log_bucket = bucket_name_for_logging , log_object_prefix = "logs_for_bucket_two"}
  }
}

Variables

name description type required default
names Bucket name suffixes. list(string)
project_id Bucket project id. string
bucket_policy_only Optional map to disable object ACLS keyed by name, defaults to true. map(bool) {}
encryption_keys Per-bucket KMS keys that will be used for encryption. map(string) {}
force_destroy Optional map to set force destroy keyed by name, defaults to false. map(bool) {}
iam_members IAM members keyed by bucket name and role. map(map(list(string))) {}
iam_roles IAM roles keyed by bucket name. map(list(string)) {}
labels Labels to be attached to all buckets. map(string) {}
location Bucket location. string EU
logging_config Per-bucket logging. map(object({...})) {}
prefix Prefix used to generate the bucket name. string null
retention_policies Per-bucket retention policy. map(object({...})) {}
storage_class Bucket storage class. string MULTI_REGIONAL
versioning Optional map to set versioning keyed by name, defaults to false. map(bool) {}

Outputs

name description sensitive
bucket Bucket resource (for single use).
buckets Bucket resources.
name Bucket name (for single use).
names Bucket names.
names_list List of bucket names.
url Bucket URL (for single use).
urls Bucket URLs.
urls_list List of bucket URLs.