Skip to content

T
terraform-aws-s3-bucket
Commit 36344628 authored by Anton Babenko's avatar Anton Babenko Committed by GitHub
1 Browse files
Options

feat: Added wrappers automatically generated via hook (#156)

parent 63881034
Show whitespace changes
Inline Side-by-side
Showing with 214 additions and 85 deletions
.github/workflows/pre-commit.yml
View file @ 36344628
...@@ -71,6 +71,14 @@ jobs: ...@@ -71,6 +71,14 @@ jobs:
id: minMax id: minMax
uses: clowdhaus/terraform-min-max@v1.0.3 uses: clowdhaus/terraform-min-max@v1.0.3
- name: Install hcledit (for terraform_wrapper_module_for_each hook)
shell: bash
run: |
curl -L "$(curl -s https://api.github.com/repos/minamijoyo/hcledit/releases/latest | grep -o -E -m 1 "https://.+?_linux_amd64.tar.gz")" > hcledit.tgz
sudo tar -xzf hcledit.tgz -C /usr/bin/ hcledit
rm -f hcledit.tgz 2> /dev/null
hcledit version
- name: Pre-commit Terraform ${{ steps.minMax.outputs.maxVersion }} - name: Pre-commit Terraform ${{ steps.minMax.outputs.maxVersion }}
uses: clowdhaus/terraform-composite-actions/pre-commit@v1.3.0 uses: clowdhaus/terraform-composite-actions/pre-commit@v1.3.0
with: with:
......
.pre-commit-config.yaml
View file @ 36344628
repos: repos:
- repo: https://github.com/antonbabenko/pre-commit-terraform - repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.66.0 rev: v1.71.0
hooks: hooks:
- id: terraform_fmt - id: terraform_fmt
- id: terraform_wrapper_module_for_each
- id: terraform_validate - id: terraform_validate
- id: terraform_docs - id: terraform_docs
args: args:
......
README.md
View file @ 36344628
...@@ -97,6 +97,14 @@ inputs = { ...@@ -97,6 +97,14 @@ inputs = {
} }
``` ```
## Module wrappers
Users of this Terraform module can create multiple similar resources by using [`for_each` meta-argument within `module` block](https://www.terraform.io/language/meta-arguments/for_each) which became available in Terraform 0.13.
Users of Terragrunt can achieve similar results by using modules provided in the [wrappers](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/tree/master/wrappers) directory, if they prefer to reduce amount of configuration files.
## Examples: ## Examples:
- [Complete](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/tree/master/examples/complete) - Complete S3 bucket with most of supported features enabled - [Complete](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/tree/master/examples/complete) - Complete S3 bucket with most of supported features enabled
......
wrappers/README.md
View file @ 36344628
...@@ -12,10 +12,20 @@ This wrapper does not implement any extra functionality. ...@@ -12,10 +12,20 @@ This wrapper does not implement any extra functionality.
```hcl ```hcl
terraform { terraform {
source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers" source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers"
# Alternative source:
# source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers"
} }
inputs = { inputs = {
defaults = { # Default values
create = true
tags = {
Terraform = "true"
Environment = "dev"
}
}
items = { items = {
my-item = { my-item = {
# omitted... can be any argument supported by the module # omitted... can be any argument supported by the module
...@@ -34,6 +44,14 @@ inputs = { ...@@ -34,6 +44,14 @@ inputs = {
module "wrapper" { module "wrapper" {
source = "terraform-aws-modules/s3-bucket/aws//wrappers" source = "terraform-aws-modules/s3-bucket/aws//wrappers"
defaults = { # Default values
create = true
tags = {
Terraform = "true"
Environment = "dev"
}
}
items = { items = {
my-item = { my-item = {
# omitted... can be any argument supported by the module # omitted... can be any argument supported by the module
...@@ -52,18 +70,30 @@ module "wrapper" { ...@@ -52,18 +70,30 @@ module "wrapper" {
```hcl ```hcl
terraform { terraform {
source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers" source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers"
# Alternative source:
# source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers"
} }
inputs = { inputs = {
defaults = {
force_destroy = true
attach_elb_log_delivery_policy = true
attach_lb_log_delivery_policy = true
attach_deny_insecure_transport_policy = true
attach_require_latest_tls_policy = true
}
items = { items = {
bucket1 = { bucket1 = {
bucket = "my-random-bucket-1" bucket = "my-random-bucket-1"
force_destroy = true
} }
bucket2 = { bucket2 = {
bucket = "my-random-bucket-2" bucket = "my-random-bucket-2"
force_destroy = true tags = {
Secure = "probably"
}
} }
} }
} }
......
wrappers/main.tf
View file @ 36344628
...@@ -3,37 +3,38 @@ module "wrapper" { ...@@ -3,37 +3,38 @@ module "wrapper" {
for_each = var.items for_each = var.items
create_bucket = try(each.value.create_bucket, true) create_bucket = try(each.value.create_bucket, var.defaults.create_bucket, true)
attach_elb_log_delivery_policy = try(each.value.attach_elb_log_delivery_policy, false) attach_elb_log_delivery_policy = try(each.value.attach_elb_log_delivery_policy, var.defaults.attach_elb_log_delivery_policy, false)
attach_lb_log_delivery_policy = try(each.value.attach_lb_log_delivery_policy, false) attach_lb_log_delivery_policy = try(each.value.attach_lb_log_delivery_policy, var.defaults.attach_lb_log_delivery_policy, false)
attach_deny_insecure_transport_policy = try(each.value.attach_deny_insecure_transport_policy, false) attach_deny_insecure_transport_policy = try(each.value.attach_deny_insecure_transport_policy, var.defaults.attach_deny_insecure_transport_policy, false)
attach_require_latest_tls_policy = try(each.value.attach_require_latest_tls_policy, false) attach_require_latest_tls_policy = try(each.value.attach_require_latest_tls_policy, var.defaults.attach_require_latest_tls_policy, false)
attach_policy = try(each.value.attach_policy, false) attach_policy = try(each.value.attach_policy, var.defaults.attach_policy, false)
attach_public_policy = try(each.value.attach_public_policy, true) attach_public_policy = try(each.value.attach_public_policy, var.defaults.attach_public_policy, true)
bucket = try(each.value.bucket, null) bucket = try(each.value.bucket, var.defaults.bucket, null)
bucket_prefix = try(each.value.bucket_prefix, null) bucket_prefix = try(each.value.bucket_prefix, var.defaults.bucket_prefix, null)
acl = try(each.value.acl, null) acl = try(each.value.acl, var.defaults.acl, null)
policy = try(each.value.policy, null) policy = try(each.value.policy, var.defaults.policy, null)
tags = try(each.value.tags, {}) tags = try(each.value.tags, var.defaults.tags, {})
force_destroy = try(each.value.force_destroy, false) force_destroy = try(each.value.force_destroy, var.defaults.force_destroy, false)
acceleration_status = try(each.value.acceleration_status, null) acceleration_status = try(each.value.acceleration_status, var.defaults.acceleration_status, null)
request_payer = try(each.value.request_payer, null) request_payer = try(each.value.request_payer, var.defaults.request_payer, null)
website = try(each.value.website, {}) website = try(each.value.website, var.defaults.website, {})
cors_rule = try(each.value.cors_rule, []) cors_rule = try(each.value.cors_rule, var.defaults.cors_rule, [])
versioning = try(each.value.versioning, {}) versioning = try(each.value.versioning, var.defaults.versioning, {})
logging = try(each.value.logging, {}) logging = try(each.value.logging, var.defaults.logging, {})
grant = try(each.value.grant, []) grant = try(each.value.grant, var.defaults.grant, [])
owner = try(each.value.owner, {}) owner = try(each.value.owner, var.defaults.owner, {})
expected_bucket_owner = try(each.value.expected_bucket_owner, null) expected_bucket_owner = try(each.value.expected_bucket_owner, var.defaults.expected_bucket_owner, null)
lifecycle_rule = try(each.value.lifecycle_rule, []) lifecycle_rule = try(each.value.lifecycle_rule, var.defaults.lifecycle_rule, [])
replication_configuration = try(each.value.replication_configuration, {}) replication_configuration = try(each.value.replication_configuration, var.defaults.replication_configuration, {})
server_side_encryption_configuration = try(each.value.server_side_encryption_configuration, {}) server_side_encryption_configuration = try(each.value.server_side_encryption_configuration, var.defaults.server_side_encryption_configuration, {})
object_lock_configuration = try(each.value.object_lock_configuration, {}) object_lock_configuration = try(each.value.object_lock_configuration, var.defaults.object_lock_configuration, {})
block_public_acls = try(each.value.block_public_acls, false) object_lock_enabled = try(each.value.object_lock_enabled, var.defaults.object_lock_enabled, false)
block_public_policy = try(each.value.block_public_policy, false) block_public_acls = try(each.value.block_public_acls, var.defaults.block_public_acls, false)
ignore_public_acls = try(each.value.ignore_public_acls, false) block_public_policy = try(each.value.block_public_policy, var.defaults.block_public_policy, false)
restrict_public_buckets = try(each.value.restrict_public_buckets, false) ignore_public_acls = try(each.value.ignore_public_acls, var.defaults.ignore_public_acls, false)
control_object_ownership = try(each.value.control_object_ownership, false) restrict_public_buckets = try(each.value.restrict_public_buckets, var.defaults.restrict_public_buckets, false)
object_ownership = try(each.value.object_ownership, "ObjectWriter") control_object_ownership = try(each.value.control_object_ownership, var.defaults.control_object_ownership, false)
putin_khuylo = try(each.value.putin_khuylo, true) object_ownership = try(each.value.object_ownership, var.defaults.object_ownership, "ObjectWriter")
putin_khuylo = try(each.value.putin_khuylo, var.defaults.putin_khuylo, true)
} }
wrappers/notification/README.md
View file @ 36344628
...@@ -12,10 +12,20 @@ This wrapper does not implement any extra functionality. ...@@ -12,10 +12,20 @@ This wrapper does not implement any extra functionality.
```hcl ```hcl
terraform { terraform {
source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers/notification" source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers/notification"
# Alternative source:
# source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers/notification"
} }
inputs = { inputs = {
defaults = { # Default values
create = true
tags = {
Terraform = "true"
Environment = "dev"
}
}
items = { items = {
my-item = { my-item = {
# omitted... can be any argument supported by the module # omitted... can be any argument supported by the module
...@@ -34,6 +44,14 @@ inputs = { ...@@ -34,6 +44,14 @@ inputs = {
module "wrapper" { module "wrapper" {
source = "terraform-aws-modules/s3-bucket/aws//wrappers/notification" source = "terraform-aws-modules/s3-bucket/aws//wrappers/notification"
defaults = { # Default values
create = true
tags = {
Terraform = "true"
Environment = "dev"
}
}
items = { items = {
my-item = { my-item = {
# omitted... can be any argument supported by the module # omitted... can be any argument supported by the module
...@@ -52,18 +70,30 @@ module "wrapper" { ...@@ -52,18 +70,30 @@ module "wrapper" {
```hcl ```hcl
terraform { terraform {
source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers" source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers"
# Alternative source:
# source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers"
} }
inputs = { inputs = {
defaults = {
force_destroy = true
attach_elb_log_delivery_policy = true
attach_lb_log_delivery_policy = true
attach_deny_insecure_transport_policy = true
attach_require_latest_tls_policy = true
}
items = { items = {
bucket1 = { bucket1 = {
bucket = "my-random-bucket-1" bucket = "my-random-bucket-1"
force_destroy = true
} }
bucket2 = { bucket2 = {
bucket = "my-random-bucket-2" bucket = "my-random-bucket-2"
force_destroy = true tags = {
Secure = "probably"
}
} }
} }
} }
......
wrappers/notification/main.tf
View file @ 36344628
...@@ -3,13 +3,13 @@ module "wrapper" { ...@@ -3,13 +3,13 @@ module "wrapper" {
for_each = var.items for_each = var.items
create = try(each.value.create, true) create = try(each.value.create, var.defaults.create, true)
create_sns_policy = try(each.value.create_sns_policy, true) create_sns_policy = try(each.value.create_sns_policy, var.defaults.create_sns_policy, true)
create_sqs_policy = try(each.value.create_sqs_policy, true) create_sqs_policy = try(each.value.create_sqs_policy, var.defaults.create_sqs_policy, true)
bucket = try(each.value.bucket, "") bucket = try(each.value.bucket, var.defaults.bucket, "")
bucket_arn = try(each.value.bucket_arn, null) bucket_arn = try(each.value.bucket_arn, var.defaults.bucket_arn, null)
eventbridge = try(each.value.eventbridge, null) eventbridge = try(each.value.eventbridge, var.defaults.eventbridge, null)
lambda_notifications = try(each.value.lambda_notifications, {}) lambda_notifications = try(each.value.lambda_notifications, var.defaults.lambda_notifications, {})
sqs_notifications = try(each.value.sqs_notifications, {}) sqs_notifications = try(each.value.sqs_notifications, var.defaults.sqs_notifications, {})
sns_notifications = try(each.value.sns_notifications, {}) sns_notifications = try(each.value.sns_notifications, var.defaults.sns_notifications, {})
} }
wrappers/notification/outputs.tf
View file @ 36344628
output "wrapper" { output "wrapper" {
description = "Map of outputs of a wrapper." description = "Map of outputs of a wrapper."
value = module.wrapper value = module.wrapper
# sensitive = false # No sensitive module output found
} }
wrappers/notification/variables.tf
View file @ 36344628
variable "defaults" {
description = "Map of default values which will be used for each item."
type = any
default = {}
}
variable "items" { variable "items" {
description = "Maps of items to create a wrapper from. Values are passed through to the module." description = "Maps of items to create a wrapper from. Values are passed through to the module."
type = any type = any
......
wrappers/object/README.md
View file @ 36344628
...@@ -12,10 +12,20 @@ This wrapper does not implement any extra functionality. ...@@ -12,10 +12,20 @@ This wrapper does not implement any extra functionality.
```hcl ```hcl
terraform { terraform {
source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers/object" source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers/object"
# Alternative source:
# source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers/object"
} }
inputs = { inputs = {
defaults = { # Default values
create = true
tags = {
Terraform = "true"
Environment = "dev"
}
}
items = { items = {
my-item = { my-item = {
# omitted... can be any argument supported by the module # omitted... can be any argument supported by the module
...@@ -34,6 +44,14 @@ inputs = { ...@@ -34,6 +44,14 @@ inputs = {
module "wrapper" { module "wrapper" {
source = "terraform-aws-modules/s3-bucket/aws//wrappers/object" source = "terraform-aws-modules/s3-bucket/aws//wrappers/object"
defaults = { # Default values
create = true
tags = {
Terraform = "true"
Environment = "dev"
}
}
items = { items = {
my-item = { my-item = {
# omitted... can be any argument supported by the module # omitted... can be any argument supported by the module
...@@ -52,18 +70,30 @@ module "wrapper" { ...@@ -52,18 +70,30 @@ module "wrapper" {
```hcl ```hcl
terraform { terraform {
source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers" source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers"
# Alternative source:
# source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=master//wrappers"
} }
inputs = { inputs = {
defaults = {
force_destroy = true
attach_elb_log_delivery_policy = true
attach_lb_log_delivery_policy = true
attach_deny_insecure_transport_policy = true
attach_require_latest_tls_policy = true
}
items = { items = {
bucket1 = { bucket1 = {
bucket = "my-random-bucket-1" bucket = "my-random-bucket-1"
force_destroy = true
} }
bucket2 = { bucket2 = {
bucket = "my-random-bucket-2" bucket = "my-random-bucket-2"
force_destroy = true tags = {
Secure = "probably"
}
} }
} }
} }
......
wrappers/object/main.tf
View file @ 36344628
...@@ -3,28 +3,28 @@ module "wrapper" { ...@@ -3,28 +3,28 @@ module "wrapper" {
for_each = var.items for_each = var.items
create = try(each.value.create, true) create = try(each.value.create, var.defaults.create, true)
bucket = try(each.value.bucket, "") bucket = try(each.value.bucket, var.defaults.bucket, "")
key = try(each.value.key, "") key = try(each.value.key, var.defaults.key, "")
file_source = try(each.value.file_source, null) file_source = try(each.value.file_source, var.defaults.file_source, null)
content = try(each.value.content, null) content = try(each.value.content, var.defaults.content, null)
content_base64 = try(each.value.content_base64, null) content_base64 = try(each.value.content_base64, var.defaults.content_base64, null)
acl = try(each.value.acl, null) acl = try(each.value.acl, var.defaults.acl, null)
cache_control = try(each.value.cache_control, null) cache_control = try(each.value.cache_control, var.defaults.cache_control, null)
content_disposition = try(each.value.content_disposition, null) content_disposition = try(each.value.content_disposition, var.defaults.content_disposition, null)
content_encoding = try(each.value.content_encoding, null) content_encoding = try(each.value.content_encoding, var.defaults.content_encoding, null)
content_language = try(each.value.content_language, null) content_language = try(each.value.content_language, var.defaults.content_language, null)
content_type = try(each.value.content_type, null) content_type = try(each.value.content_type, var.defaults.content_type, null)
website_redirect = try(each.value.website_redirect, null) website_redirect = try(each.value.website_redirect, var.defaults.website_redirect, null)
storage_class = try(each.value.storage_class, null) storage_class = try(each.value.storage_class, var.defaults.storage_class, null)
etag = try(each.value.etag, null) etag = try(each.value.etag, var.defaults.etag, null)
server_side_encryption = try(each.value.server_side_encryption, null) server_side_encryption = try(each.value.server_side_encryption, var.defaults.server_side_encryption, null)
kms_key_id = try(each.value.kms_key_id, null) kms_key_id = try(each.value.kms_key_id, var.defaults.kms_key_id, null)
bucket_key_enabled = try(each.value.bucket_key_enabled, null) bucket_key_enabled = try(each.value.bucket_key_enabled, var.defaults.bucket_key_enabled, null)
metadata = try(each.value.metadata, {}) metadata = try(each.value.metadata, var.defaults.metadata, {})
tags = try(each.value.tags, {}) tags = try(each.value.tags, var.defaults.tags, {})
force_destroy = try(each.value.force_destroy, false) force_destroy = try(each.value.force_destroy, var.defaults.force_destroy, false)
object_lock_legal_hold_status = try(each.value.object_lock_legal_hold_status, null) object_lock_legal_hold_status = try(each.value.object_lock_legal_hold_status, var.defaults.object_lock_legal_hold_status, null)
object_lock_mode = try(each.value.object_lock_mode, null) object_lock_mode = try(each.value.object_lock_mode, var.defaults.object_lock_mode, null)
object_lock_retain_until_date = try(each.value.object_lock_retain_until_date, null) object_lock_retain_until_date = try(each.value.object_lock_retain_until_date, var.defaults.object_lock_retain_until_date, null)
} }
wrappers/object/outputs.tf
View file @ 36344628
output "wrapper" { output "wrapper" {
description = "Map of outputs of a wrapper." description = "Map of outputs of a wrapper."
value = module.wrapper value = module.wrapper
# sensitive = false # No sensitive module output found
} }
wrappers/object/variables.tf
View file @ 36344628
variable "defaults" {
description = "Map of default values which will be used for each item."
type = any
default = {}
}
variable "items" { variable "items" {
description = "Maps of items to create a wrapper from. Values are passed through to the module." description = "Maps of items to create a wrapper from. Values are passed through to the module."
type = any type = any
......
wrappers/outputs.tf
View file @ 36344628
output "wrapper" { output "wrapper" {
description = "Map of outputs of a wrapper." description = "Map of outputs of a wrapper."
value = module.wrapper value = module.wrapper
# sensitive = false # No sensitive module output found
} }
wrappers/variables.tf
View file @ 36344628
variable "defaults" {
description = "Map of default values which will be used for each item."
type = any
default = {}
}
variable "items" { variable "items" {
description = "Maps of items to create a wrapper from. Values are passed through to the module." description = "Maps of items to create a wrapper from. Values are passed through to the module."
type = any type = any
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment