https://github.com/quortex/terraform-aws-storage
A terraform module for Quortex infrastructure GCP persistent storage layer.
https://github.com/quortex/terraform-aws-storage
aws terraform
Last synced: 2 months ago
JSON representation
A terraform module for Quortex infrastructure GCP persistent storage layer.
- Host: GitHub
- URL: https://github.com/quortex/terraform-aws-storage
- Owner: quortex
- License: apache-2.0
- Created: 2020-04-22T12:29:20.000Z (almost 6 years ago)
- Default Branch: master
- Last Pushed: 2023-12-04T16:24:16.000Z (over 2 years ago)
- Last Synced: 2023-12-05T14:33:20.652Z (over 2 years ago)
- Topics: aws, terraform
- Language: HCL
- Size: 35.2 KB
- Stars: 2
- Watchers: 4
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
[![Quortex][logo]](https://quortex.io)
# terraform-aws-storage
A terraform module for Quortex infrastructure AWS persistent storage layer.
It provides a set of resources necessary to provision the bucket and access key on Amazon AWS.
![infra_diagram]
This module is available on [Terraform Registry][registry_tf_aws-eks_storage].
Get all our terraform modules on [Terraform Registry][registry_tf_modules] or on [Github][github_tf_modules] !
## Created resources
This module creates the following resources in AWS:
- as many buckets in Amazon S3 as defined in the configuration
- a new user, with access to the bucket
- the key ID and secret for this user
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 0.12 |
| [aws](#requirement\_aws) | ~> 4.0.0 |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [buckets](#input\_buckets) | The list of buckets to create. |
set(
object({
name = string
label = string
tags = map(string)
expiration = optional(object({
enabled = bool
expiration_days = number
}))
role = optional(object({
enabled = bool
service_accounts = list(object({
name = string
namespace = string
}))
}))
})
)
| `[]` | no |
| [storage\_prefix](#input\_storage\_prefix) | A prefix for bucket names and service account id. Bucket names will be computed from this prefix and the provided buckets variable. | `string` | `"quortex"` | no |
| [force\_destroy](#input\_force\_destroy) | When deleting a bucket, this boolean option will delete all contained objects. If you try to delete a bucket that contains objects, Terraform will fail that run. | `bool` | `false` | no |
| [enable\_bucket\_encryption](#input\_enable\_bucket\_encryption) | Should the created bucket encrypted using SSE-S3. | `bool` | `true` | no |
| [enable\_cloudfront\_oia](#input\_enable\_cloudfront\_oia) | Wether to enable cloudfront origin access identity for buckets. | `bool` | `false` | no |
| [sa\_path](#input\_sa\_path) | The path to assign to bucket's service account. | `string` | `"/system/"` | no |
| [tags](#input\_tags) | Tags to apply to resources. A list of key->value pairs. | `map(any)` | `{}` | no |
| [cluster\_oidc\_issuer](#input\_cluster\_oidc\_issuer) | The cluster OpenID Connect Issuer. | `string` | n/a | yes |
## Outputs
| Name | Description |
|------|-------------|
| [buckets](#output\_buckets) | A map of bucket informations for each bucket provided in variables. |
| [access\_key\_id](#output\_access\_key\_id) | The key ID to use for buckets access. |
| [access\_key\_secret](#output\_access\_key\_secret) | The key secret to use for buckets access. |
## Resources
| Name | Type |
|------|------|
| [aws_cloudfront_origin_access_identity.quortex](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_origin_access_identity) | resource |
| [aws_iam_access_key.quortex](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key) | resource |
| [aws_iam_policy.aws_eks_irsa](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
| [aws_iam_role.aws_eks_irsa](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role_policy_attachment.aws_eks_irsa](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_user.quortex](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user) | resource |
| [aws_iam_user_policy.quortex_bucket_rw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user_policy) | resource |
| [aws_s3_bucket.quortex](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [aws_s3_bucket_lifecycle_configuration.quortex](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_lifecycle_configuration) | resource |
| [aws_s3_bucket_policy.quortex](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
| [aws_s3_bucket_public_access_block.quortex](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
| [aws_s3_bucket_server_side_encryption_configuration.quortex](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration) | resource |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_iam_policy_document.irsa_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.quortex](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
---
## Related Projects
This project is part of our terraform modules to provision a Quortex infrastructure for AWS.
Check out these related projects.
- [terraform-aws-network][registry_tf_aws-eks_network] - A terraform module for Quortex infrastructure network layer.
- [terraform-aws-eks-cluster][registry_tf_aws-eks_cluster] - A terraform module for Quortex infrastructure AWS cluster layer.
- [terraform-aws-eks-load-balancer][registry_tf_aws-eks_load_balancer] - A terraform module for Quortex infrastructure AWS load balancing layer.
[logo]: https://storage.googleapis.com/quortex-assets/logo.webp
[infra_diagram]: https://storage.googleapis.com/quortex-assets/infra_aws_001.jpg
[registry_tf_modules]: https://registry.terraform.io/modules/quortex
[registry_tf_aws-eks_network]: https://registry.terraform.io/modules/quortex/network/aws
[registry_tf_aws-eks_cluster]: https://registry.terraform.io/modules/quortex/eks-cluster/aws
[registry_tf_aws-eks_load_balancer]: https://registry.terraform.io/modules/quortex/load-balancer/aws
[registry_tf_aws-eks_storage]: https://registry.terraform.io/modules/quortex/storage/aws
[github_tf_modules]: https://github.com/quortex?q=terraform-
## Help
**Got a question?**
File a GitHub [issue](https://github.com/quortex/terraform-aws-storage/issues).