From eca9c57551e48e4fff635df8c59d2797b78c6652 Mon Sep 17 00:00:00 2001
From: Matt Rose <40691156+matty-rose@users.noreply.github.com>
Date: Fri, 4 Jun 2021 02:34:15 +1000
Subject: [PATCH] feat: Add support for log bucket configuration (#117)
---
README.md | 1 +
main.tf | 7 +++++++
modules/simple_bucket/README.md | 2 ++
modules/simple_bucket/main.tf | 8 ++++++++
modules/simple_bucket/variables.tf | 12 ++++++++++++
variables.tf | 6 ++++++
6 files changed, 36 insertions(+)
diff --git a/README.md b/README.md
index 2e33561f..691150a4 100644
--- a/README.md
+++ b/README.md
@@ -62,6 +62,7 @@ Functional examples are included in the
 | labels | Labels to be attached to the buckets | `map(string)` | `{}` | no |
 | lifecycle\_rules | List of lifecycle rules to configure. Format is the same as described in provider documentation https://www.terraform.io/docs/providers/google/r/storage_bucket.html#lifecycle_rule except condition.matches\_storage\_class should be a comma delimited string. |
set(object({
# Object with keys:
# - type - The type of the action of this Lifecycle Rule. Supported values: Delete and SetStorageClass.
# - storage_class - (Required if action type is SetStorageClass) The target Storage Class of objects affected by this Lifecycle Rule.
action = map(string)

# Object with keys:
# - age - (Optional) Minimum age of an object in days to satisfy this condition.
# - created_before - (Optional) Creation date of an object in RFC 3339 (e.g. 2017-06-13) to satisfy this condition.
# - with_state - (Optional) Match to live and/or archived objects. Supported values include: "LIVE", "ARCHIVED", "ANY".
# - matches_storage_class - (Optional) Comma delimited string for storage class of objects to satisfy this condition. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, DURABLE_REDUCED_AVAILABILITY.
# - num_newer_versions - (Optional) Relevant only for versioned objects. The number of newer versions of an object to satisfy this condition.
condition = map(string)
}))
| `[]` | no |
 | location | Bucket location. | `string` | `"EU"` | no |
+| logging | Map of lowercase unprefixed name => bucket logging config object. Format is the same as described in provider documentation https://www.terraform.io/docs/providers/google/r/storage_bucket.html#logging | `any` | `{}` | no |
 | names | Bucket name suffixes. | `list(string)` | n/a | yes |
 | prefix | Prefix used to generate the bucket name. | `string` | n/a | yes |
 | project\_id | Bucket project id. | `string` | n/a | yes |
diff --git a/main.tf b/main.tf
index 3a1b9556..dddedcb3 100644
--- a/main.tf
+++ b/main.tf
@@ -105,6 +105,13 @@ resource "google_storage_bucket" "buckets" {
 }
 }
+ dynamic "logging" {
+ for_each = lookup(var.logging, each.value, {}) != {} ? { v = lookup(var.logging, each.value) } : {}
+ content {
+ log_bucket = lookup(logging.value, "log_bucket", null)
+ log_object_prefix = lookup(logging.value, "log_object_prefix", null)
+ }
+ }
 }
 resource "google_storage_bucket_iam_binding" "admins" {
diff --git a/modules/simple_bucket/README.md b/modules/simple_bucket/README.md
index 44978aef..e5f7f1c7 100644
--- a/modules/simple_bucket/README.md
+++ b/modules/simple_bucket/README.md
@@ -45,6 +45,8 @@ Functional examples are included in the
 | labels | A set of key/value label pairs to assign to the bucket. | `map(string)` | `null` | no |
 | lifecycle\_rules | The bucket's Lifecycle Rules configuration. |
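Review bot: A key in `var.logging` that matches no bucket name is dropped without any error by the `lookup(var.logging, each.value, {})` default in the new `for_each` of main.tf, so a misspelled name leaves that bucket with no logging block while the plan still succeeds. These logs are commonly kept as an audit trail, so the silent gap deserves at least a comment above the block, for example `# Keys of var.logging that match no bucket name are ignored; that bucket gets no logging block.` Inside `content`, `lookup(logging.value, "log_bucket", null)` also hides a missing key behind a null; `log_bucket = logging.value.log_bucket` would report the missing attribute directly. What `each.value` holds is decided by the resource's own `for_each`, which lies outside this hunk.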
list(object({
# Object with keys:
# - type - The type of the action of this Lifecycle Rule. Supported values: Delete and SetStorageClass.
# - storage_class - (Required if action type is SetStorageClass) The target Storage Class of objects affected by this Lifecycle Rule.
action = any

# Object with keys:
# - age - (Optional) Minimum age of an object in days to satisfy this condition.
# - created_before - (Optional) Creation date of an object in RFC 3339 (e.g. 2017-06-13) to satisfy this condition.
# - with_state - (Optional) Match to live and/or archived objects. Supported values include: "LIVE", "ARCHIVED", "ANY".
# - matches_storage_class - (Optional) Storage Class of objects to satisfy this condition. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, DURABLE_REDUCED_AVAILABILITY.
# - num_newer_versions - (Optional) Relevant only for versioned objects. The number of newer versions of an object to satisfy this condition.
condition = any
}))
| `[]` | no |
 | location | The location of the bucket. | `string` | n/a | yes |
+| log\_bucket | The bucket that will receive log objects. | `string` | `null` | no |
+| log\_object\_prefix | The object prefix for log objects. If it's not provided, by default GCS sets this to this bucket's name | `string` | `null` | no |
 | name | The name of the bucket. | `string` | n/a | yes |
 | project\_id | The ID of the project to create the bucket in. | `string` | n/a | yes |
 | retention\_policy | Configuration of the bucket's data retention policy for how long objects in the bucket should be retained. |
object({
is_locked = bool
retention_period = number
})
| `null` | no |
diff --git a/modules/simple_bucket/main.tf b/modules/simple_bucket/main.tf
index 15171f95..23580d10 100644
--- a/modules/simple_bucket/main.tf
+++ b/modules/simple_bucket/main.tf
@@ -58,6 +58,14 @@ resource "google_storage_bucket" "bucket" {
 }
 }
 }
+
+ dynamic "logging" {
+ for_each = var.log_bucket == null ? [] : [var.log_bucket]
+ content {
+ log_bucket = var.log_bucket
+ log_object_prefix = var.log_object_prefix
+ }
+ }
 }
 resource "google_storage_bucket_iam_member" "members" {
diff --git a/modules/simple_bucket/variables.tf b/modules/simple_bucket/variables.tf
index 7fb5e712..81c76779 100644
--- a/modules/simple_bucket/variables.tf
+++ b/modules/simple_bucket/variables.tf
@@ -104,3 +104,15 @@ variable "lifecycle_rules" {
 }))
 default = []
 }
+
+variable "log_bucket" {
+ description = "The bucket that will receive log objects."
+ type = string
+ default = null
+}
+
+variable "log_object_prefix" {
+ description = "The object prefix for log objects. If it's not provided, by default GCS sets this to this bucket's name"
+ type = string
+ default = null
+}
diff --git a/variables.tf b/variables.tf
index 2a9a89e2..5dd9dc6b 100644
--- a/variables.tf
+++ b/variables.tf
@@ -199,3 +199,9 @@ variable "website" {
 default = {}
 description = "Map of website values. Supported attributes: main_page_suffix, not_found_page"
 }
+
+variable "logging" {
+ description = "Map of lowercase unprefixed name => bucket logging config object. Format is the same as described in provider documentation https://www.terraform.io/docs/providers/google/r/storage_bucket.html#logging"
+ type = any
+ default = {}
+}
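Review bot: `log_object_prefix` is discarded without notice when `log_bucket` is null, because the new `for_each` in modules/simple_bucket/main.tf keys only on `var.log_bucket`; a caller who sets just the prefix gets a bucket with no logging and no error. A comment above the block would make that explicit, for example `# log_object_prefix has no effect unless log_bucket is set.` The list element is never read inside `content`, so `[var.log_bucket]` acts only as a one-element toggle. The resource body starts outside this hunk.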
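Review bot: The `log_bucket` description in modules/simple_bucket/variables.tf does not say what the target bucket needs before any log can arrive there. As far as the hunks show, the module only points the bucket at `log_bucket`; it neither creates that bucket nor grants write access on it, and Cloud Storage delivers usage logs only when its log-delivery group (`cloud-storage-analytics@google.com`, per Google's usage-log documentation) may create objects there, so a missing grant would leave logging configured but empty. I would extend the description to `"The bucket that will receive log objects. It must already exist and allow Cloud Storage log delivery to write to it."` Keeping the log bucket separate from the data it records, with tighter read access, is also worth a line in the README.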
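Review bot: `type = any` on the new `logging` variable in variables.tf accepts any value, so a list or a bare string given for a bucket is not rejected at the variable and surfaces, if at all, as an error inside the dynamic block in main.tf. If every entry holds only the two string attributes that main.tf reads, `type = map(map(string))` would pin the shape; the variable is new in this commit, so narrowing it now breaks no caller. A misspelled attribute name would still pass that type, so the description should list the supported attributes the way the `website` description above does, e.g. `Supported attributes: log_bucket, log_object_prefix`.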