diff --git a/README.md b/README.md
index ab4987f..ba16e07 100644
--- a/README.md
+++ b/README.md
@@ -182,6 +182,7 @@ Available targets:
 | region | AWS Region the S3 bucket should reside in | string | - | yes |
 | restrict_public_buckets | Whether Amazon S3 should restrict public bucket policies for this bucket | bool | `true` | no |
 | role_arn | The role to be assumed | string | `` | no |
+| s3_bucket_name | S3 bucket name. If not provided, the name will be generated by the label module in the format namespace-stage-name | string | `` | no |
 | stage | Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release' | string | `` | no |
 | tags | Additional tags (e.g. `map('BusinessUnit','XYZ')` | map(string) | `` | no |
 | terraform_backend_config_file_name | Name of terraform backend config file | string | `terraform.tf` | no |
diff --git a/docs/terraform.md b/docs/terraform.md
index f80d5aa..29794bb 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -26,6 +26,7 @@
 | region | AWS Region the S3 bucket should reside in | string | - | yes |
 | restrict_public_buckets | Whether Amazon S3 should restrict public bucket policies for this bucket | bool | `true` | no |
 | role_arn | The role to be assumed | string | `` | no |
+| s3_bucket_name | S3 bucket name. If not provided, the name will be generated by the label module in the format namespace-stage-name | string | `` | no |
 | stage | Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release' | string | `` | no |
 | tags | Additional tags (e.g. `map('BusinessUnit','XYZ')` | map(string) | `` | no |
 | terraform_backend_config_file_name | Name of terraform backend config file | string | `terraform.tf` | no |
diff --git a/examples/complete/fixtures.us-west-1.tfvars b/examples/complete/fixtures.us-west-1.tfvars
index 20c314d..4477f95 100644
--- a/examples/complete/fixtures.us-west-1.tfvars
+++ b/examples/complete/fixtures.us-west-1.tfvars
@@ -5,3 +5,5 @@ namespace = "eg" stage = "test" name = "terraform-tfstate-backend" + +s3_bucket_name = "tfstate-backend-test-bucket" \ No newline at end of file diff --git a/main.tf b/main.tf index b217ad4..c8c57ef 100644 --- a/main.tf +++ b/main.tf @@ -11,6 +11,8 @@ locals { var.terraform_backend_config_file_path, var.terraform_backend_config_file_name ) + + bucket_name = var.s3_bucket_name != "" ? var.s3_bucket_name : module.s3_bucket_label.id } module "base_label" { @@ -51,7 +53,7 @@ data "aws_iam_policy_document" "prevent_unencrypted_uploads" { ] resources = [ - "arn:aws:s3:::${module.s3_bucket_label.id}/*", + "arn:aws:s3:::${local.bucket_name}/*", ] condition { @@ -79,7 +81,7 @@ data "aws_iam_policy_document" "prevent_unencrypted_uploads" { ] resources = [ - "arn:aws:s3:::${module.s3_bucket_label.id}/*", + "arn:aws:s3:::${local.bucket_name}/*", ] condition { @@ -94,7 +96,7 @@ data "aws_iam_policy_document" "prevent_unencrypted_uploads" { } resource "aws_s3_bucket" "default" { - bucket = module.s3_bucket_label.id + bucket = substr(local.bucket_name, 0, 63) acl = var.acl region = var.region force_destroy = var.force_destroy diff --git a/variables.tf b/variables.tf index 83784d3..ad4bb8f 100644 --- a/variables.tf +++ b/variables.tf @@ -202,3 +202,9 @@ variable "terraform_state_file" { default = "terraform.tfstate" description = "The path to the state file inside the bucket" } + +variable "s3_bucket_name" { + type = string + default = "" + description = "S3 bucket name. If not provided, the name will be generated by the label module in the format namespace-stage-name" +} \ No newline at end of file
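Review bot: The fixed value `s3_bucket_name = "tfstate-backend-test-bucket"` in the fixtures hunk puts one globally scoped S3 name into a shared fixture, so two runs of the example at once, or a run after another account has taken the name, will fail on bucket creation. If the test harness can pass variables, I would drop this line from the fixture and supply a per-run name from the test instead; that is inferred, since the harness is not shown here. The file also now ends without a trailing newline.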
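Review bot: The bucket is created as `substr(local.bucket_name, 0, 63)` in the last main.tf hunk, but both `prevent_unencrypted_uploads` statements (the hunks at -51 and -79) still build their resource ARN from the untruncated `local.bucket_name`. For any name longer than 63 characters the deny-unencrypted-upload policy then names a bucket other than the one that holds the state, so the encryption guard either fails to attach or does not cover the real bucket. I would truncate once in the local, `bucket_name = substr(var.s3_bucket_name != "" ? var.s3_bucket_name : module.s3_bucket_label.id, 0, 63)`, and write `bucket = local.bucket_name` in the resource. Any remaining `module.s3_bucket_label.id` references outside these hunks should be checked too, since the `locals` block and the policy document both continue beyond what is shown.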
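Review bot: The `s3_bucket_name` description in variables.tf does not state the constraints the caller has to meet: main.tf cuts the value to 63 characters without warning, and S3 bucket names are globally unique and limited to 3-63 characters. I would extend it to `description = "S3 bucket name (3-63 characters, globally unique; longer values are truncated). If not provided, the name will be generated by the label module in the format namespace-stage-name"`. The README.md and docs/terraform.md rows added in this commit would need the same wording.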