diff --git a/modules/gcs/README.md b/modules/gcs/README.md
index 12a71ebf7b..2964f73f85 100644
--- a/modules/gcs/README.md
+++ b/modules/gcs/README.md
@@ -311,7 +311,7 @@ module "bucket" {
|---|---|:---:|:---:|:---:|
| [location](variables.tf#L156) | Bucket location. | string
| ✓ | |
| [name](variables.tf#L199) | Bucket name suffix. | string
| ✓ | |
-| [project_id](variables.tf#L255) | Bucket project id. | string
| ✓ | |
+| [project_id](variables.tf#L257) | Bucket project id. | string
| ✓ | |
| [autoclass](variables.tf#L17) | Enable autoclass to automatically transition objects to appropriate storage classes based on their access pattern. If set to true, storage_class must be set to STANDARD. Defaults to false. | bool
| | null
|
| [cors](variables.tf#L23) | CORS configuration for the bucket. Defaults to null. | object({…})
| | null
|
| [custom_placement_config](variables.tf#L34) | The bucket's custom location configuration, which specifies the individual regions that comprise a dual-region bucket. If the bucket is designated as REGIONAL or MULTI_REGIONAL, the parameters are empty. | list(string)
| | null
|
@@ -326,19 +326,19 @@ module "bucket" {
| [lifecycle_rules](variables.tf#L107) | Bucket lifecycle rule. | map(object({…}))
| | {}
|
| [logging_config](variables.tf#L162) | Bucket logging configuration. | object({…})
| | null
|
| [managed_folders](variables.tf#L171) | Managed folders to create within the bucket in {PATH => CONFIG} format. | map(object({…}))
| | {}
|
-| [notification_config](variables.tf#L204) | GCS Notification configuration. | object({…})
| | null
|
-| [objects_to_upload](variables.tf#L219) | Objects to be uploaded to bucket. | map(object({…}))
| | {}
|
-| [prefix](variables.tf#L245) | Optional prefix used to generate the bucket name. | string
| | null
|
-| [public_access_prevention](variables.tf#L260) | Prevents public access to the bucket. | string
| | null
|
-| [requester_pays](variables.tf#L270) | Enables Requester Pays on a storage bucket. | bool
| | null
|
-| [retention_policy](variables.tf#L276) | Bucket retention policy. | object({…})
| | null
|
-| [rpo](variables.tf#L285) | Bucket recovery point objective. | string
| | null
|
-| [soft_delete_retention](variables.tf#L295) | The duration in seconds that soft-deleted objects in the bucket will be retained and cannot be permanently deleted. Set to 0 to override the default and disable. | number
| | null
|
-| [storage_class](variables.tf#L301) | Bucket storage class. | string
| | "STANDARD"
|
-| [tag_bindings](variables.tf#L311) | Tag bindings for this folder, in key => tag value id format. | map(string)
| | {}
|
-| [uniform_bucket_level_access](variables.tf#L318) | Allow using object ACLs (false) or not (true, this is the recommended behavior) , defaults to true (which is the recommended practice, but not the behavior of storage API). | bool
| | true
|
-| [versioning](variables.tf#L324) | Enable versioning, defaults to false. | bool
| | null
|
-| [website](variables.tf#L330) | Bucket website. | object({…})
| | null
|
+| [notification_config](variables.tf#L204) | GCS Notification configuration. | object({…})
| | null
|
+| [objects_to_upload](variables.tf#L221) | Objects to be uploaded to bucket. | map(object({…}))
| | {}
|
+| [prefix](variables.tf#L247) | Optional prefix used to generate the bucket name. | string
| | null
|
+| [public_access_prevention](variables.tf#L262) | Prevents public access to the bucket. | string
| | null
|
+| [requester_pays](variables.tf#L272) | Enables Requester Pays on a storage bucket. | bool
| | null
|
+| [retention_policy](variables.tf#L278) | Bucket retention policy. | object({…})
| | null
|
+| [rpo](variables.tf#L287) | Bucket recovery point objective. | string
| | null
|
+| [soft_delete_retention](variables.tf#L297) | The duration in seconds that soft-deleted objects in the bucket will be retained and cannot be permanently deleted. Set to 0 to override the default and disable. | number
| | null
|
+| [storage_class](variables.tf#L303) | Bucket storage class. | string
| | "STANDARD"
|
+| [tag_bindings](variables.tf#L313) | Tag bindings for this folder, in key => tag value id format. | map(string)
| | {}
|
+| [uniform_bucket_level_access](variables.tf#L320) | Allow using object ACLs (false) or not (true, this is the recommended behavior) , defaults to true (which is the recommended practice, but not the behavior of storage API). | bool
| | true
|
+| [versioning](variables.tf#L326) | Enable versioning, defaults to false. | bool
| | null
|
+| [website](variables.tf#L332) | Bucket website. | object({…})
| | null
|
## Outputs
diff --git a/modules/gcs/main.tf b/modules/gcs/main.tf
index aa4258a085..db1f2e8307 100644
--- a/modules/gcs/main.tf
+++ b/modules/gcs/main.tf
@@ -17,6 +17,7 @@
locals {
prefix = var.prefix == null ? "" : "${var.prefix}-"
notification = try(var.notification_config.enabled, false)
+ topic_create = try(var.notification_config.topic_create, null) != null
}
resource "google_storage_bucket" "bucket" {
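Review bot: The new local reads `var.notification_config.topic_create`, but the variables.tf hunk in this same commit still declares the attribute as `create_topic`, so the `try()` falls back to null and `local.topic_create` is always false. As far as the visible lines show, neither the topic nor the publisher binding would ever be created, and the `kms_key_name` lookup in the next hunk would always resolve to null. Either rename the attribute in variables.tf to match, `topic_create = optional(object({`, or read `create_topic` in this local and in the topic resource.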
@@ -172,14 +173,15 @@ resource "google_storage_notification" "notification" {
}
resource "google_pubsub_topic_iam_binding" "binding" {
- count = try(var.notification_config.create_topic, null) == true ? 1 : 0
+ count = local.topic_create ? 1 : 0
topic = google_pubsub_topic.topic[0].id
role = "roles/pubsub.publisher"
members = ["serviceAccount:${var.notification_config.sa_email}"]
}
resource "google_pubsub_topic" "topic" {
- count = try(var.notification_config.create_topic, null) == true ? 1 : 0
- project = var.project_id
- name = var.notification_config.topic_name
+ count = local.topic_create ? 1 : 0
+ project = var.project_id
+ name = var.notification_config.topic_name
+ kms_key_name = try(var.notification_config.topic_create.kms_key_id, null)
}
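Review bot: `kms_key_name` wraps its lookup in `try(..., null)`, so any attribute mistake yields a topic silently created with Google-managed encryption instead of the requested customer-managed key. Because `count` already guarantees the object is non-null when the resource exists, a direct reference such as `kms_key_name = var.notification_config.topic_create.kms_key_id` would surface the error at plan time. I would also add a comment like `# the Pub/Sub service agent needs roles/cloudkms.cryptoKeyEncrypterDecrypter on this key`, since nothing visible in this hunk grants it.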
diff --git a/modules/gcs/variables.tf b/modules/gcs/variables.tf
index 49d9fb202f..2c81dd1691 100644
--- a/modules/gcs/variables.tf
+++ b/modules/gcs/variables.tf
@@ -204,11 +204,13 @@ variable "name" {
variable "notification_config" {
description = "GCS Notification configuration."
type = object({
- enabled = bool
- payload_format = string
- topic_name = string
- sa_email = string
- create_topic = optional(bool, true)
+ enabled = bool
+ payload_format = string
+ sa_email = string
+ topic_name = string
+ create_topic = optional(object({
+ kms_key_id = optional(string)
+ }))
event_types = optional(list(string))
custom_attributes = optional(map(string))
object_name_prefix = optional(string)
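Review bot: Changing `create_topic` from `optional(bool, true)` to an optional object with no default flips the module default from creating the topic to not creating it, and callers that pass `create_topic = true` will now fail type conversion. If the new default is intended, the variable description should say that the attribute must be set (for example to `{}`) for the module to create the topic and grant `sa_email` the publisher role. If the old default should be kept, `optional(object({ kms_key_id = optional(string) }), {})` preserves it. The variable block continues past the end of this hunk.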
diff --git a/modules/spanner-instance/main.tf b/modules/spanner-instance/main.tf
index d35589ec11..26a8e33541 100644
--- a/modules/spanner-instance/main.tf
+++ b/modules/spanner-instance/main.tf
@@ -15,15 +15,21 @@
*/
locals {
- spanner_instance = var.instance_create ? google_spanner_instance.spanner_instance[0] : data.google_spanner_instance.spanner_instance[0]
+ spanner_instance = (
+ var.instance_create
+ ? google_spanner_instance.spanner_instance[0]
+ : data.google_spanner_instance.spanner_instance[0]
+ )
}
resource "google_spanner_instance_config" "spanner_instance_config" {
- count = try(var.instance.config.auto_create, null) == null ? 0 : 1
- name = var.instance.config.name
- project = var.project_id
- display_name = coalesce(var.instance.config.auto_create.display_name, var.instance.config.name)
- base_config = var.instance.config.auto_create.base_config
+ count = try(var.instance.config.auto_create, null) == null ? 0 : 1
+ name = var.instance.config.name
+ project = var.project_id
+ display_name = coalesce(
+ var.instance.config.auto_create.display_name, var.instance.config.name
+ )
+ base_config = var.instance.config.auto_create.base_config
dynamic "replicas" {
for_each = var.instance.config.auto_create.replicas
content {
@@ -42,9 +48,13 @@ data "google_spanner_instance" "spanner_instance" {
}
resource "google_spanner_instance" "spanner_instance" {
- count = var.instance_create ? 1 : 0
- project = var.project_id
- config = var.instance.config.auto_create == null ? var.instance.config.name : google_spanner_instance_config.spanner_instance_config[0].name
+ count = var.instance_create ? 1 : 0
+ project = var.project_id
+ config = (
+ var.instance.config.auto_create == null
+ ? var.instance.config.name
+ : google_spanner_instance_config.spanner_instance_config[0].name
+ )
name = var.instance.name
display_name = coalesce(var.instance.display_name, var.instance.name)
num_nodes = var.instance.num_nodes
@@ -64,8 +74,12 @@ resource "google_spanner_instance" "spanner_instance" {
dynamic "autoscaling_targets" {
for_each = var.instance.autoscaling.targets == null ? [] : [""]
content {
- high_priority_cpu_utilization_percent = var.instance.autoscaling.targets.high_priority_cpu_utilization_percent
- storage_utilization_percent = var.instance.autoscaling.targets.storage_utilization_percent
+ high_priority_cpu_utilization_percent = (
+ var.instance.autoscaling.targets.high_priority_cpu_utilization_percent
+ )
+ storage_utilization_percent = (
+ var.instance.autoscaling.targets.storage_utilization_percent
+ )
}
}
}