diff --git a/modules/gcs/README.md b/modules/gcs/README.md index 12a71ebf7b..2964f73f85 100644 --- a/modules/gcs/README.md +++ b/modules/gcs/README.md @@ -311,7 +311,7 @@ module "bucket" { |---|---|:---:|:---:|:---:| | [location](variables.tf#L156) | Bucket location. | string | ✓ | | | [name](variables.tf#L199) | Bucket name suffix. | string | ✓ | | -| [project_id](variables.tf#L255) | Bucket project id. | string | ✓ | | +| [project_id](variables.tf#L257) | Bucket project id. | string | ✓ | | | [autoclass](variables.tf#L17) | Enable autoclass to automatically transition objects to appropriate storage classes based on their access pattern. If set to true, storage_class must be set to STANDARD. Defaults to false. | bool | | null | | [cors](variables.tf#L23) | CORS configuration for the bucket. Defaults to null. | object({…}) | | null | | [custom_placement_config](variables.tf#L34) | The bucket's custom location configuration, which specifies the individual regions that comprise a dual-region bucket. If the bucket is designated as REGIONAL or MULTI_REGIONAL, the parameters are empty. | list(string) | | null | 
@@ -326,19 +326,19 @@ module "bucket" { | [lifecycle_rules](variables.tf#L107) | Bucket lifecycle rule. | map(object({…})) | | {} | | [logging_config](variables.tf#L162) | Bucket logging configuration. | object({…}) | | null | | [managed_folders](variables.tf#L171) | Managed folders to create within the bucket in {PATH => CONFIG} format. | map(object({…})) | | {} | -| [notification_config](variables.tf#L204) | GCS Notification configuration. | object({…}) | | null | -| [objects_to_upload](variables.tf#L219) | Objects to be uploaded to bucket. | map(object({…})) | | {} | -| [prefix](variables.tf#L245) | Optional prefix used to generate the bucket name. | string | | null | -| [public_access_prevention](variables.tf#L260) | Prevents public access to the bucket. | string | | null | -| [requester_pays](variables.tf#L270) | Enables Requester Pays on a storage bucket. | bool | | null | -| [retention_policy](variables.tf#L276) | Bucket retention policy. | object({…}) | | null | -| [rpo](variables.tf#L285) | Bucket recovery point objective. | string | | null | -| [soft_delete_retention](variables.tf#L295) | The duration in seconds that soft-deleted objects in the bucket will be retained and cannot be permanently deleted. Set to 0 to override the default and disable. | number | | null | -| [storage_class](variables.tf#L301) | Bucket storage class. | string | | "STANDARD" | -| [tag_bindings](variables.tf#L311) | Tag bindings for this folder, in key => tag value id format. | map(string) | | {} | -| [uniform_bucket_level_access](variables.tf#L318) | Allow using object ACLs (false) or not (true, this is the recommended behavior) , defaults to true (which is the recommended practice, but not the behavior of storage API). | bool | | true | -| [versioning](variables.tf#L324) | Enable versioning, defaults to false. | bool | | null | -| [website](variables.tf#L330) | Bucket website. | object({…}) | | null | +| [notification_config](variables.tf#L204) | GCS Notification configuration. 
| object({…}) | | null | +| [objects_to_upload](variables.tf#L221) | Objects to be uploaded to bucket. | map(object({…})) | | {} | +| [prefix](variables.tf#L247) | Optional prefix used to generate the bucket name. | string | | null | +| [public_access_prevention](variables.tf#L262) | Prevents public access to the bucket. | string | | null | +| [requester_pays](variables.tf#L272) | Enables Requester Pays on a storage bucket. | bool | | null | +| [retention_policy](variables.tf#L278) | Bucket retention policy. | object({…}) | | null | +| [rpo](variables.tf#L287) | Bucket recovery point objective. | string | | null | +| [soft_delete_retention](variables.tf#L297) | The duration in seconds that soft-deleted objects in the bucket will be retained and cannot be permanently deleted. Set to 0 to override the default and disable. | number | | null | +| [storage_class](variables.tf#L303) | Bucket storage class. | string | | "STANDARD" | +| [tag_bindings](variables.tf#L313) | Tag bindings for this folder, in key => tag value id format. | map(string) | | {} | +| [uniform_bucket_level_access](variables.tf#L320) | Allow using object ACLs (false) or not (true, this is the recommended behavior) , defaults to true (which is the recommended practice, but not the behavior of storage API). | bool | | true | +| [versioning](variables.tf#L326) | Enable versioning, defaults to false. | bool | | null | +| [website](variables.tf#L332) | Bucket website. | object({…}) | | null | ## Outputs diff --git a/modules/gcs/main.tf b/modules/gcs/main.tf index aa4258a085..db1f2e8307 100644 --- a/modules/gcs/main.tf +++ b/modules/gcs/main.tf @@ -17,6 +17,7 @@ locals { prefix = var.prefix == null ? "" : "${var.prefix}-" notification = try(var.notification_config.enabled, false) + topic_create = try(var.notification_config.topic_create, null) != null } resource "google_storage_bucket" "bucket" { 
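Review bot: The new local `topic_create` in modules/gcs/main.tf reads `var.notification_config.topic_create`, but the variables.tf hunk of this same commit still declares the attribute as `create_topic`, so the lookup names an attribute the object type does not have. Because the reference sits inside `try(..., null)`, the error is swallowed and `local.topic_create` is false for every input. The topic and its publisher binding in the next main.tf hunk would then never be created, and `kms_key_name` would always be null, with no plan-time error. Make the names agree, for example by declaring `topic_create = optional(object({` in variables.tf, or by using `create_topic` in both main.tf hunks. The `locals` block starts before this hunk.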
@@ -172,14 +173,15 @@ resource "google_storage_notification" "notification" { } resource "google_pubsub_topic_iam_binding" "binding" { - count = try(var.notification_config.create_topic, null) == true ? 1 : 0 + count = local.topic_create ? 1 : 0 topic = google_pubsub_topic.topic[0].id role = "roles/pubsub.publisher" members = ["serviceAccount:${var.notification_config.sa_email}"] } resource "google_pubsub_topic" "topic" { - count = try(var.notification_config.create_topic, null) == true ? 1 : 0 - project = var.project_id - name = var.notification_config.topic_name + count = local.topic_create ? 1 : 0 + project = var.project_id + name = var.notification_config.topic_name + kms_key_name = try(var.notification_config.topic_create.kms_key_id, null) } diff --git a/modules/gcs/variables.tf b/modules/gcs/variables.tf index 49d9fb202f..2c81dd1691 100644 --- a/modules/gcs/variables.tf +++ b/modules/gcs/variables.tf @@ -204,11 +204,13 @@ variable "name" { variable "notification_config" { description = "GCS Notification configuration." type = object({ - enabled = bool - payload_format = string - topic_name = string - sa_email = string - create_topic = optional(bool, true) + enabled = bool + payload_format = string + sa_email = string + topic_name = string + create_topic = optional(object({ + kms_key_id = optional(string) + })) event_types = optional(list(string)) custom_attributes = optional(map(string)) object_name_prefix = optional(string) diff --git a/modules/spanner-instance/main.tf b/modules/spanner-instance/main.tf index d35589ec11..26a8e33541 100644 --- a/modules/spanner-instance/main.tf +++ b/modules/spanner-instance/main.tf 
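Review bot: Setting `kms_key_name` on `google_pubsub_topic.topic` only works when the project's Pub/Sub service agent already holds `roles/cloudkms.cryptoKeyEncrypterDecrypter` on that key. Nothing in this hunk grants or documents that, so a caller who supplies `kms_key_id` will presumably hit a failed apply. Document the prerequisite next to the argument, e.g. `# the Pub/Sub service agent needs roles/cloudkms.cryptoKeyEncrypterDecrypter on this key`. The `try()` around the key is also unnecessary, since the resource is only instantiated when the object is non-null. Writing `kms_key_name = var.notification_config.topic_create.kms_key_id` would turn a misspelled attribute into a plan error instead of a topic silently created without the customer-managed key.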
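Review bot: In modules/gcs/variables.tf the attribute changes from `optional(bool, true)` to an optional object with no default, a breaking interface change that the unchanged description `"GCS Notification configuration."` does not mention. Callers that pass `create_topic = true` will fail type checking. Callers that omitted it and relied on the module creating the topic will, once the attribute name agrees with main.tf, get no topic and no publisher binding; the notification resource is outside the visible hunks, so its effect on them is inferred. Extend the description, e.g. `description = "GCS Notification configuration. Set the topic creation object (optionally with kms_key_id) to have the module create the Pub/Sub topic; leave it null to use an existing topic."`, and record the migration in the changelog. The `type` block continues past the end of the hunk.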
@@ -15,15 +15,21 @@ */ locals { - spanner_instance = var.instance_create ? google_spanner_instance.spanner_instance[0] : data.google_spanner_instance.spanner_instance[0] + spanner_instance = ( + var.instance_create + ? google_spanner_instance.spanner_instance[0] + : data.google_spanner_instance.spanner_instance[0] + ) } resource "google_spanner_instance_config" "spanner_instance_config" { - count = try(var.instance.config.auto_create, null) == null ? 0 : 1 - name = var.instance.config.name - project = var.project_id - display_name = coalesce(var.instance.config.auto_create.display_name, var.instance.config.name) - base_config = var.instance.config.auto_create.base_config + count = try(var.instance.config.auto_create, null) == null ? 0 : 1 + name = var.instance.config.name + project = var.project_id + display_name = coalesce( + var.instance.config.auto_create.display_name, var.instance.config.name + ) + base_config = var.instance.config.auto_create.base_config dynamic "replicas" { for_each = var.instance.config.auto_create.replicas content { @@ -42,9 +48,13 @@ data "google_spanner_instance" "spanner_instance" { } resource "google_spanner_instance" "spanner_instance" { - count = var.instance_create ? 1 : 0 - project = var.project_id - config = var.instance.config.auto_create == null ? var.instance.config.name : google_spanner_instance_config.spanner_instance_config[0].name + count = var.instance_create ? 1 : 0 + project = var.project_id + config = ( + var.instance.config.auto_create == null + ? var.instance.config.name + : google_spanner_instance_config.spanner_instance_config[0].name + ) name = var.instance.name display_name = coalesce(var.instance.display_name, var.instance.name) num_nodes = var.instance.num_nodes 
@@ -64,8 +74,12 @@ resource "google_spanner_instance" "spanner_instance" { dynamic "autoscaling_targets" { for_each = var.instance.autoscaling.targets == null ? [] : [""] content { - high_priority_cpu_utilization_percent = var.instance.autoscaling.targets.high_priority_cpu_utilization_percent - storage_utilization_percent = var.instance.autoscaling.targets.storage_utilization_percent + high_priority_cpu_utilization_percent = ( + var.instance.autoscaling.targets.high_priority_cpu_utilization_percent + ) + storage_utilization_percent = ( + var.instance.autoscaling.targets.storage_utilization_percent + ) } } }