module "bucket" {
source = "./fabric/modules/gcs"
project_id = "myproject"
prefix = "test"
name = "my-bucket"
iam = {
"roles/storage.admin" = ["group:storage@example.com"]
}
}
# tftest modules=1 resources=2module "bucket" {
source = "./fabric/modules/gcs"
project_id = "myproject"
prefix = "test"
name = "my-bucket"
iam = {
"roles/storage.admin" = ["group:storage@example.com"]
}
encryption_key = "my-encryption-key"
}
# tftest modules=1 resources=2module "bucket" {
source = "./fabric/modules/gcs"
project_id = "myproject"
prefix = "test"
name = "my-bucket"
iam = {
"roles/storage.admin" = ["group:storage@example.com"]
}
retention_policy = {
retention_period = 100
is_locked = true
}
logging_config = {
log_bucket = var.bucket
log_object_prefix = null
}
}
# tftest modules=1 resources=2module "bucket" {
source = "./fabric/modules/gcs"
project_id = "myproject"
prefix = "test"
name = "my-bucket"
iam = {
"roles/storage.admin" = ["group:storage@example.com"]
}
lifecycle_rule = {
action = {
type = "SetStorageClass"
storage_class = "STANDARD"
}
condition = {
age = 30
created_before = null
with_state = null
matches_storage_class = null
num_newer_versions = null
custom_time_before = null
days_since_custom_time = null
days_since_noncurrent_time = null
noncurrent_time_before = null
}
}
}
# tftest modules=1 resources=2module "bucket-gcs-notification" {
source = "./fabric/modules/gcs"
project_id = "myproject"
prefix = "test"
name = "my-bucket"
notification_config = {
enabled = true
payload_format = "JSON_API_V1"
sa_email = "service-<project-number>@gs-project-accounts.iam.gserviceaccount.com" # GCS SA email must be passed or fetched from projects module.
topic_name = "gcs-notification-topic"
event_types = ["OBJECT_FINALIZE"]
custom_attributes = {}
}
}
# tftest modules=1 resources=4| name | description | type | required | default |
|---|---|---|---|---|
| name | Bucket name suffix. | string |
✓ | |
| project_id | Bucket project id. | string |
✓ | |
| cors | CORS configuration for the bucket. Defaults to null. | object({…}) |
null |
|
| encryption_key | KMS key that will be used for encryption. | string |
null |
|
| force_destroy | Optional map to set force destroy keyed by name, defaults to false. | bool |
false |
|
| iam | IAM bindings in {ROLE => [MEMBERS]} format. | map(list(string)) |
{} |
|
| labels | Labels to be attached to all buckets. | map(string) |
{} |
|
| lifecycle_rule | Bucket lifecycle rule. | object({…}) |
null |
|
| location | Bucket location. | string |
"EU" |
|
| logging_config | Bucket logging configuration. | object({…}) |
null |
|
| notification_config | GCS Notification configuration. | object({…}) |
null |
|
| prefix | Prefix used to generate the bucket name. | string |
null |
|
| retention_policy | Bucket retention policy. | object({…}) |
null |
|
| storage_class | Bucket storage class. | string |
"MULTI_REGIONAL" |
|
| uniform_bucket_level_access | Allow using object ACLs (false) or not (true, this is the recommended behavior) , defaults to true (which is the recommended practice, but not the behavior of storage API). | bool |
true |
|
| versioning | Enable versioning, defaults to false. | bool |
false |
|
| website | Bucket website. | object({…}) |
null |
| name | description | sensitive |
|---|---|---|
| bucket | Bucket resource. | |
| id | Bucket ID (same as name). | |
| name | Bucket name. | |
| notification | GCS Notification self link. | |
| topic | Topic ID used by GCS. | |
| url | Bucket URL. |