Google Cloud Storage Module
module "bucket" {
  source     = "./fabric/modules/gcs"
  project_id = "myproject"
  prefix     = "test"
  name       = "my-bucket"
  versioning = true
  iam = {
    "roles/storage.admin" = ["group:[email protected]"]
  }
  labels = {
    cost-center = "devops"
  }
}
# tftest modules=1 resources=2 inventory=simple.yaml
module "bucket" {
  source         = "./fabric/modules/gcs"
  project_id     = "myproject"
  name           = "my-bucket"
  encryption_key = "my-encryption-key"
}
# tftest modules=1 resources=1 inventory=cmek.yaml
Example with retention policy and logging
module "bucket" {
  source     = "./fabric/modules/gcs"
  project_id = "myproject"
  name       = "my-bucket"
  retention_policy = {
    retention_period = 100
    is_locked        = true
  }
  logging_config = {
    log_bucket        = "log-bucket"
    log_object_prefix = null
  }
}
# tftest modules=1 resources=1 inventory=retention-logging.yaml
Example with lifecycle rule
module "bucket" {
  source     = "./fabric/modules/gcs"
  project_id = "myproject"
  name       = "my-bucket"
  lifecycle_rules = {
    lr-0 = {
      action = {
        type          = "SetStorageClass"
        storage_class = "STANDARD"
      }
      condition = {
        age = 30
      }
    }
  }
}
# tftest modules=1 resources=1 inventory=lifecycle.yaml
Minimal example with GCS notifications
module "bucket-gcs-notification" {
  source     = "./fabric/modules/gcs"
  project_id = "myproject"
  name       = "my-bucket"
  notification_config = {
    enabled           = true
    payload_format    = "JSON_API_V1"
    sa_email          = "service-<project-number>@gs-project-accounts.iam.gserviceaccount.com" # GCS SA email must be passed or fetched from projects module.
    topic_name        = "gcs-notification-topic"
    event_types       = ["OBJECT_FINALIZE"]
    custom_attributes = {}
  }
}
# tftest modules=1 resources=4 inventory=notification.yaml
Example with object upload
module "bucket" {
  source     = "./fabric/modules/gcs"
  project_id = "myproject"
  name       = "my-bucket"
  objects_to_upload = {
    sample-data = {
      name         = "example-file.csv"
      source       = "data/example-file.csv"
      content_type = "text/csv"
    }
  }
}
# tftest modules=1 resources=2 inventory=object-upload.yaml

| name | description | type | required | default |
|---|---|---|---|---|
| name | Bucket name suffix. | string | ✓ | |
| project_id | Bucket project id. | string | ✓ | |
| cors | CORS configuration for the bucket. Defaults to null. | object({…}) | | null |
| encryption_key | KMS key that will be used for encryption. | string | | null |
| force_destroy | Optional map to set force destroy keyed by name, defaults to false. | bool | | false |
| iam | IAM bindings in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} |
| labels | Labels to be attached to all buckets. | map(string) | | {} |
| lifecycle_rules | Bucket lifecycle rule. | map(object({…})) | | {} |
| location | Bucket location. | string | | "EU" |
| logging_config | Bucket logging configuration. | object({…}) | | null |
| notification_config | GCS Notification configuration. | object({…}) | | null |
| objects_to_upload | Objects to be uploaded to bucket. | map(object({…})) | | {} |
| prefix | Optional prefix used to generate the bucket name. | string | | null |
| retention_policy | Bucket retention policy. | object({…}) | | null |
| storage_class | Bucket storage class. | string | | "MULTI_REGIONAL" |
| uniform_bucket_level_access | Allow using object ACLs (false) or not (true, this is the recommended behavior), defaults to true (which is the recommended practice, but not the behavior of storage API). | bool | | true |
| versioning | Enable versioning, defaults to false. | bool | | false |
| website | Bucket website. | object({…}) | | null |

| name | description | sensitive |
|---|---|---|
| bucket | Bucket resource. | |
| id | Fully qualified bucket id. | |
| name | Bucket name. | |
| notification | GCS Notification self link. | |
| objects | Objects in GCS bucket. | |
| topic | Topic ID used by GCS. | |
| url | Bucket URL. | |
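
An added example, not part of the module or its documentation: a plan-time check that the security-relevant inputs above (uniform_bucket_level_access, encryption_key, versioning, logging_config, retention_policy) actually reach every planned bucket. It assumes the JSON layout of `terraform show -json` and the Google provider's `google_storage_bucket` attribute names; the sample plan, its resource addresses and the `_bucket` helper are constructed for illustration.

```python
def first_block(after, name):
    """Nested blocks are lists in plan JSON; return the first entry or {}."""
    block = after.get(name) or []
    return block[0] if block else {}

def audit_bucket(after):
    """Return findings for one bucket's planned ('after') attributes."""
    findings = []
    if not after.get("uniform_bucket_level_access"):
        findings.append("uniform_bucket_level_access=false: object ACLs allowed")
    if not first_block(after, "encryption").get("default_kms_key_name"):
        findings.append("encryption_key unset: no customer-managed KMS key")
    if not first_block(after, "versioning").get("enabled"):
        findings.append("versioning disabled")
    if not first_block(after, "logging").get("log_bucket"):
        findings.append("logging_config unset: no log bucket")
    retention = first_block(after, "retention_policy")
    if retention and not retention.get("is_locked"):
        findings.append("retention_policy present but not locked")
    return findings

def audit_plan(plan):
    """Map each planned bucket address to its list of findings."""
    report = {}
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")  # None when destroyed
        if rc.get("type") == "google_storage_bucket" and after is not None:
            report[rc["address"]] = audit_bucket(after)
    return report

def _bucket(address, **after):  # hypothetical helper for the sample below
    return {"address": address, "type": "google_storage_bucket",
            "change": {"after": after}}

# Constructed sample plan: one hardened bucket, one weak bucket, one topic.
SAMPLE_PLAN = {"resource_changes": [
    _bucket("module.hardened.google_storage_bucket.bucket",
            uniform_bucket_level_access=True,
            encryption=[{"default_kms_key_name": "my-encryption-key"}],
            versioning=[{"enabled": True}],
            logging=[{"log_bucket": "log-bucket"}],
            retention_policy=[{"retention_period": 100, "is_locked": True}]),
    _bucket("module.legacy.google_storage_bucket.bucket",
            uniform_bucket_level_access=False, encryption=[], versioning=[], logging=[],
            retention_policy=[{"retention_period": 100, "is_locked": False}]),
    {"address": "google_pubsub_topic.topic", "type": "google_pubsub_topic",
     "change": {"after": {"name": "gcs-notification-topic"}}},
]}

if __name__ == "__main__":
    print(audit_plan(SAMPLE_PLAN))
```

Values that are only known after apply are listed under `after_unknown` rather than `after`, so this check reports them as missing; review those findings by hand.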