Merge pull request #2 from tegridy-io/feat/support-aws-buckets
Support creating buckets on aws
DebakelOrakel authored Aug 31, 2024
2 parents ec4fcbe + d0c550a commit d4faf49
Showing 4 changed files with 95 additions and 0 deletions.
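--- a/aws_bucket/main.tf
+++ b/aws_bucket/main.tf
@@ -0,0 +1,60 @@
+## ----- locals ----------------------------------------------------------------
+
+locals {
+create_user = var.user_name == "" ? true : false
+bucket_name = var.bucket_prefix == "" ? var.bucket_name : format("%s-%s", var.bucket_prefix, var.bucket_name)
+user_name = var.user_name == "" ? local.bucket_name : var.user_name
+}
+
+## ----- bucket user -----------------------------------------------------------
+
+module "user" {
+source = "../aws_user"
+count = local.create_user ? 1 : 0
+
+user_name = local.user_name
+path = "/bucket-users/"
+}
+
+data "aws_iam_user" "bucket" {
+count = local.create_user ? 0 : 1
+
+user_name = local.user_name
+}
+
+## ----- access control --------------------------------------------------------
+
+data "aws_iam_policy_document" "bucket" {
+statement {
+actions = [
+"s3:ListBucket",
+]
+
+resources = [
+format("%s", aws_s3_bucket.bucket.arn),
+]
+}
+statement {
+actions = [
+"s3:GetObject",
+"s3:PutObject",
+"s3:DeleteObject",
+]
+
+resources = [
+format("%s/*", aws_s3_bucket.bucket.arn),
+]
+}
+}
+
+resource "aws_iam_user_policy" "bucket" {
+name = local.create_user ? format("%s-access", local.user_name) : format("%s-%s-access", local.user_name, local.bucket_name)
+user = local.user_name
+policy = data.aws_iam_policy_document.bucket.json
+}
+
+## ----- bucket ----------------------------------------------------------------
+
+resource "aws_s3_bucket" "bucket" {
+bucket = local.bucket_name
+}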
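Review bot: `aws_iam_user_policy.bucket` sets `user = local.user_name`, a value derived only from variables, so when `create_user` is true nothing in the visible lines orders the policy after `module.user` and the attach can run before the IAM user exists. Adding `depends_on = [module.user]` to the resource (or referencing a user-name output of the module, if it has one) would make the ordering explicit. Separately, `aws_s3_bucket.bucket` is declared with no `aws_s3_bucket_public_access_block` alongside it, so the module relies on account and service defaults to keep the bucket private; declaring the block with all four settings `true` would pin that in code.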
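--- a/aws_bucket/outputs.tf
+++ b/aws_bucket/outputs.tf
@@ -0,0 +1,8 @@
+output "user_access_key" {
+value = local.create_user ? module.user[0].access_key : null
+}
+
+output "user_secret_key" {
+value = local.create_user ? module.user[0].secret_key : null
+sensitive = true
+}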
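Review bot: `user_secret_key` is marked `sensitive = true`, which only redacts it from CLI output; the value is still written in plaintext to the Terraform state of this module and of any caller that reads the output. Neither output has a `description`, so I would add one that says this, e.g. `description = "Secret access key of the created bucket user; stored in Terraform state, so the state backend must be encrypted and access-restricted."`. It is also worth stating in the description that both outputs are `null` when `user_name` is supplied.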
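--- a/aws_bucket/providers.tf
+++ b/aws_bucket/providers.tf
@@ -0,0 +1,9 @@
+terraform {
+required_version = ">= 1.9.5"
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = ">= 5.65.0"
+}
+}
+}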
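--- a/aws_bucket/variables.tf
+++ b/aws_bucket/variables.tf
@@ -0,0 +1,18 @@
+## ----- general configuration -------------------------------------------------
+
+variable "bucket_name" {
+description = "Name of the bucket."
+type = string
+}
+
+variable "bucket_prefix" {
+description = "Prefix for the bucket name."
+type = string
+default = "tegridy"
+}
+
+variable "user_name" {
+description = "If provided no additional user will be created."
+type = string
+default = ""
+}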
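Review bot: The `user_name` description says only that no user will be created, but in `main.tf` a non-empty value causes the bucket's list/get/put/delete policy to be attached to the existing IAM user of that name. That is a permission grant a caller should see in the variable's documentation; I would reword it to `description = "Name of an existing IAM user to grant access to the bucket. If empty, a dedicated user is created."`.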
