Skip to content

Latest commit

 

History

History
 
 

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 
 
 

Google Cloud Storage Module

Example

module "bucket" {
  source     = "./fabric/modules/gcs"
  project_id = "myproject"
  prefix     = "test"
  name       = "my-bucket"
  versioning = true
  iam = {
    "roles/storage.admin" = ["group:[email protected]"]
  }
  labels = {
    cost-center = "devops"
  }
}
# tftest modules=1 resources=2 inventory=simple.yaml

Example with Cloud KMS

module "bucket" {
  source         = "./fabric/modules/gcs"
  project_id     = "myproject"
  name           = "my-bucket"
  encryption_key = "my-encryption-key"
}
# tftest modules=1 resources=1 inventory=cmek.yaml

Example with retention policy and logging

module "bucket" {
  source     = "./fabric/modules/gcs"
  project_id = "myproject"
  name       = "my-bucket"
  retention_policy = {
    retention_period = 100
    is_locked        = true
  }
  logging_config = {
    log_bucket        = "log-bucket"
    log_object_prefix = null
  }
}
# tftest modules=1 resources=1 inventory=retention-logging.yaml

Example with lifecycle rule

module "bucket" {
  source     = "./fabric/modules/gcs"
  project_id = "myproject"
  name       = "my-bucket"
  lifecycle_rules = {
    lr-0 = {
      action = {
        type          = "SetStorageClass"
        storage_class = "STANDARD"
      }
      condition = {
        age = 30
      }
    }
  }
}
# tftest modules=1 resources=1 inventory=lifecycle.yaml

Minimal example with GCS notifications

module "bucket-gcs-notification" {
  source     = "./fabric/modules/gcs"
  project_id = "myproject"
  name       = "my-bucket"
  notification_config = {
    enabled           = true
    payload_format    = "JSON_API_V1"
    sa_email          = "service-<project-number>@gs-project-accounts.iam.gserviceaccount.com" # GCS SA email must be passed or fetched from projects module.
    topic_name        = "gcs-notification-topic"
    event_types       = ["OBJECT_FINALIZE"]
    custom_attributes = {}
  }
}
# tftest modules=1 resources=4 inventory=notification.yaml

Example with object upload

module "bucket" {
  source     = "./fabric/modules/gcs"
  project_id = "myproject"
  name       = "my-bucket"
  objects_to_upload = {
    sample-data = {
      name         = "example-file.csv"
      source       = "data/example-file.csv"
      content_type = "text/csv"
    }
  }
}
# tftest modules=1 resources=2 inventory=object-upload.yaml

Variables

name description type required default
name Bucket name suffix. string
project_id Bucket project id. string
cors CORS configuration for the bucket. Defaults to null. object({…}) null
encryption_key KMS key that will be used for encryption. string null
force_destroy Optional map to set force destroy keyed by name, defaults to false. bool false
iam IAM bindings in {ROLE => [MEMBERS]} format. map(list(string)) {}
labels Labels to be attached to all buckets. map(string) {}
lifecycle_rules Bucket lifecycle rule. map(object({…})) {}
location Bucket location. string "EU"
logging_config Bucket logging configuration. object({…}) null
notification_config GCS Notification configuration. object({…}) null
objects_to_upload Objects to be uploaded to bucket. map(object({…})) {}
prefix Optional prefix used to generate the bucket name. string null
retention_policy Bucket retention policy. object({…}) null
storage_class Bucket storage class. string "MULTI_REGIONAL"
uniform_bucket_level_access Allow using object ACLs (false) or not (true, this is the recommended behavior) , defaults to true (which is the recommended practice, but not the behavior of storage API). bool true
versioning Enable versioning, defaults to false. bool false
website Bucket website. object({…}) null

Outputs

name description sensitive
bucket Bucket resource.
id Fully qualified bucket id.
name Bucket name.
notification GCS Notification self link.
objects Objects in GCS bucket.
topic Topic ID used by GCS.
url Bucket URL.