-
Notifications
You must be signed in to change notification settings - Fork 26
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
sos: introduce bucket policy resource (#391)
Since the AWS provider isn't compatible anymore with our bucket policy format we introduce our own resource for this purpose. It was necessary to update `github.com/hashicorp/terraform-plugin-testing` because it required each resource to have an "id" attribute, which is not actually required by terraform itself, only by this testing library. Thus this requirement was removed in [v1.5.0](https://developer.hashicorp.com/terraform/plugin/framework/acctests#no-id-found-in-attributes). --------- Co-authored-by: Predrag Janosevic <[email protected]>
- Loading branch information
Showing
1,627 changed files
with
251,608 additions
and
22,104 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| --- | ||
| # generated by https://github.com/hashicorp/terraform-plugin-docs | ||
| page_title: "exoscale_sos_bucket_policy Data Source - terraform-provider-exoscale" | ||
| subcategory: "" | ||
| description: |- | ||
| Fetch Exoscale SOS Bucket Policies https://community.exoscale.com/documentation/storage/bucketpolicy/. | ||
| --- | ||
|
|
||
| # exoscale_sos_bucket_policy (Data Source) | ||
|
|
||
| Fetch Exoscale [SOS Bucket Policies](https://community.exoscale.com/documentation/storage/bucketpolicy/). | ||
|
|
||
|
|
||
|
|
||
| <!-- schema generated by tfplugindocs --> | ||
| ## Schema | ||
|
|
||
| ### Required | ||
|
|
||
| - `bucket` (String) The name of the bucket to which the policy is to be applied. | ||
| - `zone` (String) The Exoscale [Zone](https://www.exoscale.com/datacenters/) name. | ||
|
|
||
| ### Optional | ||
|
|
||
| - `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts)) | ||
|
|
||
| ### Read-Only | ||
|
|
||
| - `policy` (String) The content of the policy | ||
|
|
||
| <a id="nestedblock--timeouts"></a> | ||
| ### Nested Schema for `timeouts` | ||
|
|
||
| Optional: | ||
|
|
||
| - `read` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Read operations occur during any refresh or planning operation when refresh is enabled. | ||
|
|
||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| --- | ||
| # generated by https://github.com/hashicorp/terraform-plugin-docs | ||
| page_title: "exoscale_sos_bucket_policy Resource - terraform-provider-exoscale" | ||
| subcategory: "" | ||
| description: |- | ||
| Manage Exoscale SOS Bucket Policies https://community.exoscale.com/documentation/storage/bucketpolicy/. | ||
| --- | ||
|
|
||
| # exoscale_sos_bucket_policy (Resource) | ||
|
|
||
| Manage Exoscale [SOS Bucket Policies](https://community.exoscale.com/documentation/storage/bucketpolicy/). | ||
|
|
||
|
|
||
|
|
||
| <!-- schema generated by tfplugindocs --> | ||
| ## Schema | ||
|
|
||
| ### Required | ||
|
|
||
| - `bucket` (String) ❗ The name of the bucket to which the policy is to be applied. | ||
| - `policy` (String) The content of the policy | ||
| - `zone` (String) ❗ The Exoscale [Zone](https://www.exoscale.com/datacenters/) name. | ||
|
|
||
| ### Optional | ||
|
|
||
| - `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts)) | ||
|
|
||
| <a id="nestedblock--timeouts"></a> | ||
| ### Nested Schema for `timeouts` | ||
|
|
||
| Optional: | ||
|
|
||
| - `create` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). | ||
| - `delete` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. | ||
| - `read` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Read operations occur during any refresh or planning operation when refresh is enabled. | ||
| - `update` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). | ||
|
|
||
| -> The symbol ❗ in an attribute indicates that modifying it, will force the creation of a new resource. | ||
|
|
||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| # SOS Bucket Policies | ||
|
|
||
| This example demonstrates how to manage Exoscale [SOS Bucket Policies](https://community.exoscale.com/documentation/storage/bucketpolicy/). | ||
|
|
||
| ```console | ||
| terraform init | ||
| terraform apply \ | ||
| -var exoscale_api_key=$EXOSCALE_API_KEY \ | ||
| -var exoscale_api_secret=$EXOSCALE_API_SECRET | ||
|
|
||
| ... | ||
|
|
||
| Outputs: | ||
|
|
||
| my_bucket_uri = <<EOT | ||
| https://sos-ch-gva-2.exo.io/my-bucket-6bed6744-c98e-aaba-1710-3ac09522348e | ||
|
|
||
| EOT | ||
| my_data_policy = "{\"default-service-strategy\":\"allow\",\"services\":{\"sos\":{\"type\":\"allow\"}}}" | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| { | ||
| "default-service-strategy": "allow", | ||
| "services": { | ||
| "sos": { | ||
| "type": "allow" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| # Providers | ||
| # -> providers.tf | ||
|
|
||
| # Customizable parameters | ||
| locals { | ||
| my_zone = "ch-gva-2" | ||
| my_bucket = "my-bucket" | ||
| } | ||
|
|
||
| # Sample random UUID | ||
| resource "random_uuid" "my_uuid" { | ||
| } | ||
|
|
||
| # SOS bucket | ||
| resource "aws_s3_bucket" "my_bucket" { | ||
| bucket = "${local.my_bucket}-${resource.random_uuid.my_uuid.result}" | ||
| } | ||
|
|
||
| resource "exoscale_sos_bucket_policy" "my_policy" { | ||
| bucket = aws_s3_bucket.my_bucket.bucket | ||
| policy = templatefile("${path.module}/bucket_policy.json.tpl", {}) | ||
| zone = local.my_zone | ||
| } | ||
|
|
||
| data "exoscale_sos_bucket_policy" "my_policy_ds" { | ||
| bucket = exoscale_sos_bucket_policy.my_policy.bucket | ||
| zone = local.my_zone | ||
| } | ||
|
|
||
| # Outputs | ||
| output "my_bucket_uri" { | ||
| value = format( | ||
| "https://sos-%s.exo.io/%s\n", | ||
| aws_s3_bucket.my_bucket.region, | ||
| aws_s3_bucket.my_bucket.bucket, | ||
| ) | ||
| } | ||
|
|
||
| output "my_data_policy" { | ||
| value = data.exoscale_sos_bucket_policy.my_policy_ds.policy | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| terraform { | ||
| required_providers { | ||
| aws = { | ||
| source = "hashicorp/aws" | ||
| } | ||
| exoscale = { | ||
| source = "exoscale/exoscale" | ||
| } | ||
| } | ||
| } | ||
|
|
||
| variable "exoscale_api_key" { type = string } | ||
| variable "exoscale_api_secret" { type = string } | ||
| provider "aws" { | ||
| access_key = var.exoscale_api_key | ||
| secret_key = var.exoscale_api_secret | ||
|
|
||
| region = local.my_zone | ||
| endpoints { | ||
| s3 = "https://sos-${local.my_zone}.exo.io" | ||
| } | ||
|
|
||
| # Disable AWS-specific features | ||
| skip_credentials_validation = true | ||
| skip_region_validation = true | ||
| skip_requesting_account_id = true | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.