# Module: Buckets - Cloud Storage

## About

This module creates a bucket and can also add a list of members to the following roles:

- `roles/storage.objectAdmin` - `admins` variable
- `roles/storage.objectCreator` - `creators` variable
- `roles/storage.objectViewer` - `viewers` variable
- `roles/storage.admin` - `storage_admins` variable

This is an additive option: other members of a role are preserved.

## Simple usage

```hcl
module "bucket" {
  source                      = "../../../modules/storage/bucket"
  project                     = "project_id"
  name                        = "bucket-123"
  storage_class               = "ARCHIVE"
  uniform_bucket_level_access = true
  location                    = "US"
  force_destroy               = true
  versioning                  = true

  admins   = ["user:{emailid}"]
  creators = ["user:{emailid}", "serviceAccount:{emailid}", "group:{emailid}"]
  viewers  = ["user:{emailid}", "user:{emailid}", "user:{emailid}"]
  folders  = ["top1", "top2", "top1/new-folder"]

  lifecycle_rules = [{
    action = {
      type = "Delete"
    }
    condition = {
      age = 3
    }
  }]
}
```

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| project_id | The ID of the project in which the resource belongs. If it is not provided, the provider project is used | `string` | n/a | yes |
| name | The name of the bucket. | `string` | n/a | yes |
| location | The GCS location | `string` | `US` | no |
| uniform_bucket_level_access | Enables uniform bucket-level access to a bucket | `bool` | `true` | no |
| force_destroy | (Optional, Default: false) When deleting a bucket, this boolean option will delete all contained objects. If you try to delete a bucket that contains objects, Terraform will fail that run | `bool` | `false` | no |
| storage_class | Supported values include: STANDARD, MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, ARCHIVE. | `string` | `STANDARD` | no |
| labels | Labels for the bucket | `map(string)` | `null` | no |
| retention_policy | Configuration of the bucket's data retention policy for how long objects in the bucket should be retained. Structure is documented below | `object({ is_locked = bool, retention_period = number })` | `STANDARD` | no |
| lifecycle_rules | The bucket's Lifecycle Rules configuration. Multiple blocks of this type are permitted - more information in `variables.tf` | `list(object({ action = any, condition = any }))` | `[]` | no |
| log_object_prefix | (Optional, Computed) The object prefix for log objects. If it's not provided, by default GCS sets this to this bucket's name | `string` | `null` | no |
| log_bucket | The bucket that will receive log objects. | `string` | `null` | no |
| admins | Members who will get the roles/storage.objectAdmin role on the given bucket | `list(string)` | `[]` | no |
| creators | Members who will get the roles/storage.objectCreator role on the given bucket | `list(string)` | `[]` | no |
| viewers | Members who will get the roles/storage.objectViewer role on the given bucket | `list(string)` | `[]` | no |
| storage_admins | Members who will get the roles/storage.admin role on the given bucket | `list(string)` | `[]` | no |

## Outputs

| Name | Description |
|------|-------------|
| bucket | The created storage bucket |
| self_link | The URI of the created resource. |
| url | The base URL of the bucket, in the format `gs://<bucket-name>`. |
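
## Example: additive role grants

The About section says role grants are additive. The fragment below is an added example of how that behaviour is commonly expressed with the Google provider, not this module's own source. It assumes it sits inside a module that declares the four member variables from the Inputs table and a bucket resource labelled `google_storage_bucket.this`; the local names and that label are assumptions.

```hcl
# Added example, not the module's own code. Variable names (admins, creators,
# viewers, storage_admins) follow the Inputs table; the locals and the bucket
# resource label "this" are assumptions.

locals {
  # Role -> members, as listed in the About section.
  role_members = {
    "roles/storage.objectAdmin"   = var.admins
    "roles/storage.objectCreator" = var.creators
    "roles/storage.objectViewer"  = var.viewers
    "roles/storage.admin"         = var.storage_admins
  }

  # One entry per (role, member) pair. Keying by "role/member" keeps resource
  # addresses stable when a list is reordered, and distinct() avoids a
  # duplicate-key error when the same member is listed twice for a role.
  bindings = merge([
    for role, members in local.role_members : {
      for member in distinct(members) : "${role}/${member}" => {
        role   = role
        member = member
      }
    }
  ]...)
}

# Non-authoritative: each resource manages exactly one (role, member) pair and
# leaves every other member of that role on the bucket untouched.
resource "google_storage_bucket_iam_member" "additive" {
  for_each = local.bindings

  bucket = google_storage_bucket.this.name
  role   = each.value.role
  member = each.value.member
}
```

Because grants of this kind are additive, members granted a role outside Terraform stay on the bucket and do not appear as drift in a plan, so bucket IAM policy needs a separate review. `google_storage_bucket_iam_binding` is the provider's authoritative-per-role alternative, which removes members not listed for that role.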