Skip to content
/ terraform-aws-storage Public

A terraform module for Quortex infrastructure GCP persistent storage layer.

License

Apache-2.0 license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

quortex/terraform-aws-storage

BranchesTags

Repository files navigation

Quortex

terraform-aws-storage

A terraform module for Quortex infrastructure AWS persistent storage layer.

It provides a set of resources necessary to provision the bucket and access key on Amazon AWS.

infra_diagram

This module is available on Terraform Registry.

Get all our terraform modules on Terraform Registry or on Github !

Created resources

This module creates the following resources in AWS:

  • as many buckets in Amazon S3 as defined in the configuration
  • a new user, with access to the bucket
  • the key ID and secret for this user

Requirements

Name Version
terraform >= 0.12
aws ~> 4.0.0

Inputs

Name Description Type Default Required
buckets The list of buckets to create. 
set(
    object({
      name  = string
      label = string
      tags  = map(string)
      expiration = optional(object({
        enabled         = bool
        expiration_days = number
      }))
      role = optional(object({
        enabled = bool
        service_accounts = list(object({
          name      = string
          namespace = string
        }))
      }))
    })
  )
 [] no
storage_prefix A prefix for bucket names and service account id. Bucket names will be computed from this prefix and the provided buckets variable. string "quortex" no
force_destroy When deleting a bucket, this boolean option will delete all contained objects. If you try to delete a bucket that contains objects, Terraform will fail that run. bool false no
enable_bucket_encryption Should the created bucket encrypted using SSE-S3. bool true no
enable_cloudfront_oia Wether to enable cloudfront origin access identity for buckets. bool false no
sa_path The path to assign to bucket's service account. string "/system/" no
tags Tags to apply to resources. A list of key->value pairs. map(any) {} no
cluster_oidc_issuer The cluster OpenID Connect Issuer. string n/a yes

Outputs

Name Description
buckets A map of bucket informations for each bucket provided in variables.
access_key_id The key ID to use for buckets access.
access_key_secret The key secret to use for buckets access.

Resources

Name Type
aws_cloudfront_origin_access_identity.quortex resource
aws_iam_access_key.quortex resource
aws_iam_policy.aws_eks_irsa resource
aws_iam_role.aws_eks_irsa resource
aws_iam_role_policy_attachment.aws_eks_irsa resource
aws_iam_user.quortex resource
aws_iam_user_policy.quortex_bucket_rw resource
aws_s3_bucket.quortex resource
aws_s3_bucket_lifecycle_configuration.quortex resource
aws_s3_bucket_policy.quortex resource
aws_s3_bucket_public_access_block.quortex resource
aws_s3_bucket_server_side_encryption_configuration.quortex resource
aws_caller_identity.current data source
aws_iam_policy_document.irsa_assume_role_policy data source
aws_iam_policy_document.quortex data source

Related Projects

This project is part of our terraform modules to provision a Quortex infrastructure for AWS.

Check out these related projects.

Help

Got a question?

File a GitHub issue.

About

A terraform module for Quortex infrastructure GCP persistent storage layer.

Topics

aws terraform

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

1 star

Watchers

5 watching

Forks

1 fork
Report repository

Releases 17

3.2.0 Latest
May 23, 2024
+ 16 releases

Packages

No packages published

Contributors 8

Languages