Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/rhythmictech/terraform-aws-helmrepo
Create an S3 bucket intended to serve as a Helm repo. Configures basic encryption.
https://github.com/rhythmictech/terraform-aws-helmrepo
aws helm helm-repository s3 terraform terraform-module
Last synced: about 2 months ago
JSON representation
Create an S3 bucket intended to serve as a Helm repo. Configures basic encryption.
- Host: GitHub
- URL: https://github.com/rhythmictech/terraform-aws-helmrepo
- Owner: rhythmictech
- License: mit
- Created: 2020-03-07T20:22:13.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2023-02-28T16:40:05.000Z (almost 2 years ago)
- Last Synced: 2023-03-02T22:06:08.411Z (almost 2 years ago)
- Topics: aws, helm, helm-repository, s3, terraform, terraform-module
- Language: HCL
- Homepage: https://registry.terraform.io/modules/rhythmictech/helmrepo/aws
- Size: 26.4 KB
- Stars: 2
- Watchers: 2
- Forks: 2
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# terraform-aws-helmrepo
[](https://github.com/rhythmictech/terraform-aws-helmrepo/actions?query=workflow%3Atflint+event%3Apush+branch%3Amaster)
[](https://github.com/rhythmictech/terraform-aws-helmrepo/actions?query=workflow%3Atfsec+event%3Apush+branch%3Amaster)
[](https://github.com/rhythmictech/terraform-aws-helmrepo/actions?query=workflow%3Ayamllint+event%3Apush+branch%3Amaster)
[](https://github.com/rhythmictech/terraform-aws-helmrepo/actions?query=workflow%3Amisspell+event%3Apush+branch%3Amaster)
[](https://github.com/rhythmictech/terraform-aws-helmrepo/actions?query=workflow%3Apre-commit-check+event%3Apush+branch%3Amaster)
Create an S3 bucket intended to serve as a Helm repo. Features:
- Configures basic encryption
- Supports sharing the bucket across many accounts with `var.allowed_account_ids, var.allowed_account_ids_writ`
- Supports cross-region bucket replication with `var.dest_region`
## Usage
```
module {
source = "rhythmictech/helmrepo/aws"
}
```
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 0.12.19 |
| [aws](#requirement\_aws) | >= 4.0 |
| [random](#requirement\_random) | >= 3 |
## Providers
| Name | Version |
|------|---------|
| [aws](#provider\_aws) | 4.56.0 |
| [aws.destination](#provider\_aws.destination) | 4.56.0 |
| [random](#provider\_random) | 3.4.3 |
## Modules
No modules.
## Resources
| Name | Type |
|------|------|
| [aws_iam_policy.replication_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
| [aws_iam_policy_attachment.replication](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment) | resource |
| [aws_iam_role.replication](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_s3_bucket.destination](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [aws_s3_bucket.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [aws_s3_bucket_policy.destination](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
| [aws_s3_bucket_policy.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
| [aws_s3_bucket_public_access_block.dest_block_public_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
| [aws_s3_bucket_public_access_block.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
| [aws_s3_bucket_replication_configuration.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_replication_configuration) | resource |
| [random_id.replication](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_iam_policy_document.destination](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.destination_combined](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.replication_assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.replication_policy_doc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_iam_policy_document.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_region.region](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [allowed\_account\_ids](#input\_allowed\_account\_ids) | List of AWS account IDs to grant read-only access to the repo. Due to how policies are constructed, there's effectively a limit of about 9 accounts. | `list(string)` | `[]` | no |
| [allowed\_account\_ids\_write](#input\_allowed\_account\_ids\_write) | List of AWS account IDs to grant write access to the repo. Due to how policies are constructed, there's effectively a limit of about 9 accounts. | `list(string)` | `[]` | no |
| [dest\_extra\_bucket\_policy](#input\_dest\_extra\_bucket\_policy) | Extra bucket policies to attach to the destination bucket. Pass in as aws\_iam\_policy\_document json | `string` | `""` | no |
| [dest\_logging\_bucket](#input\_dest\_logging\_bucket) | S3 bucket name to log bucket access requests to (optional) | `string` | `null` | no |
| [dest\_logging\_bucket\_prefix](#input\_dest\_logging\_bucket\_prefix) | S3 bucket prefix to log bucket access requests to (optional). If blank but a `logging_bucket` is specified, this will be set to the name of the bucket | `string` | `null` | no |
| [dest\_region](#input\_dest\_region) | Region to replicate repo bucket to (omit to disable replication) | `string` | `""` | no |
| [logging\_bucket](#input\_logging\_bucket) | S3 bucket name to log bucket access requests to (optional) | `string` | `null` | no |
| [logging\_bucket\_prefix](#input\_logging\_bucket\_prefix) | S3 bucket prefix to log bucket access requests to (optional). If blank but a `logging_bucket` is specified, this will be set to the name of the bucket | `string` | `null` | no |
| [name](#input\_name) | Bucket name for the helm repo. Specify to control the exact name of the bucket, otherwise use `name_suffix` | `string` | `null` | no |
| [name\_suffix](#input\_name\_suffix) | Bucket suffix for the repo (bucket will be named `[ACCOUNT_ID]-[REGION]-[name_suffix]`, not used if `name` is specified) | `string` | `"helmrepo"` | no |
| [tags](#input\_tags) | Tags to add to supported resources | `map(string)` | `{}` | no |
## Outputs
| Name | Description |
|------|-------------|
| [s3\_bucket](#output\_s3\_bucket) | Bucket name of the repo |