Commit

feat: Add support for IAM policies.
Co-authored-by: Philippe LEAL <[email protected]>
benoit-garcia and lotusnoir committed Apr 1, 2024
1 parent 0647345 commit 566edef
Showing 3 changed files with 26 additions and 0 deletions.
2 changes: 2 additions & 0 deletions README.md
Expand Up @@ -32,6 +32,7 @@ module "my_bucket" {
| [scaleway_object_bucket.this](https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/object_bucket) | resource |
| [scaleway_object_bucket_acl.this](https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/object_bucket_acl) | resource |
| [scaleway_object_bucket_lock_configuration.this](https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/object_bucket_lock_configuration) | resource |
| [scaleway_object_bucket_policy.this](https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/object_bucket_policy) | resource |

## Inputs

Expand All @@ -40,6 +41,7 @@ module "my_bucket" {
| <a name="input_name"></a> [name](#input_name) | Name of the bucket. | `string` | n/a | yes |
| <a name="input_acl"></a> [acl](#input_acl) | Canned ACL to apply to the bucket. See AWS (documentation)[https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl] for more information. | `string` | `"private"` | no |
| <a name="input_force_destroy"></a> [force_destroy](#input_force_destroy) | Enable deletion of objects in bucket before destroying, locked objects or under legal hold are also deleted and not recoverable. | `bool` | `false` | no |
| <a name="input_policy"></a> [policy](#input_policy) | Policy document. For more information about building AWS IAM policy documents with Terraform, see the [AWS IAM Policy Document Guide](https://learn.hashicorp.com/tutorials/terraform/aws-iam-policy). | ```object({ Version = string, Id = string Statement = list(object({ Sid = string Effect = string Principal = string Action = list(string) Resource = list(string) })) })``` | `null` | no |
| <a name="input_project_id"></a> [project_id](#input_project_id) | ID of the project the bucket is associated with. If null, ressources will be created in the default project associated with the key. | `string` | `null` | no |
| <a name="input_region"></a> [region](#input_region) | Region in which the bucket should be created. Ressource will be created in the region set at the provider level if null. | `string` | `null` | no |
| <a name="input_tags"></a> [tags](#input_tags) | A list of tags for the bucket. As the Scaleway console does not support key/value tags, tags are written with the format value/value. | `list(string)` | `[]` | no |
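
Review bot: The `policy` row added to the Inputs table links only to the AWS IAM Policy Document Guide, while the value is consumed by `scaleway_object_bucket_policy`, which is already linked in the Resources table. Link that provider page from the description as well, and say that every attribute of the object (`Version`, `Id`, `Sid`, `Effect`, `Principal`, `Action`, `Resource`) must be supplied: none is marked optional, and the `null` default applies only to the object as a whole.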
8 changes: 8 additions & 0 deletions main.tf
Expand Up @@ -34,3 +34,11 @@ resource "scaleway_object_bucket_lock_configuration" "this" {
}
}
}

resource "scaleway_object_bucket_policy" "this" {
count = var.policy != null ? 1 : 0

bucket = scaleway_object_bucket.this.name
policy = jsonencode(var.policy)
project_id = var.project_id
}
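
Review bot: `region` is not set on the new `scaleway_object_bucket_policy.this`, although the module exposes a `region` input next to `project_id` (see the README Inputs table). Add `region = var.region` if the provider resource accepts it, so that the policy is applied in the bucket's region and not in the provider default when the two differ. A policy that lands on the wrong target or fails to apply leaves the bucket governed by its ACL alone, which is worth ruling out here.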
16 changes: 16 additions & 0 deletions variables.tf
Expand Up @@ -15,6 +15,22 @@ variable "name" {
type = string
}

variable "policy" {
description = "Policy document. For more information about building AWS IAM policy documents with Terraform, see the [AWS IAM Policy Document Guide](https://learn.hashicorp.com/tutorials/terraform/aws-iam-policy)."
type = object({
Version = string,
Id = string
Statement = list(object({
Sid = string
Effect = string
Principal = string
Action = list(string)
Resource = list(string)
}))
})
default = null
}

variable "project_id" {
description = "ID of the project the bucket is associated with. If null, ressources will be created in the default project associated with the key."
type = string
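
Review bot: The `Statement` object type has no `Condition` attribute, and Terraform discards attributes that are not part of an object type constraint, so a caller who writes a `Condition` in a statement gets it dropped without an error and the encoded policy is broader than what was written. Either add it explicitly (for example `Condition = optional(any)`) or loosen the variable type and validate the shape in a `validation` block. In the same block, `Principal = string` prevents passing a principal in map form, which pushes callers toward a wildcard string; and `Id` and `Sid` are required as written, so consider wrapping them in `optional(string)`. An `Effect` validation limited to `Allow` and `Deny` would also catch typos at plan time.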