Skip to content

Commit ac1e236

Browse files
akocbekakocbek
authored
feat: add support for setting expiry rule on COS buckets (#687)
1 parent 03cb99c commit ac1e236

File tree

7 files changed

+338
-13
lines changed

7 files changed

+338
-13
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -903,7 +903,7 @@ module "cluster_pattern" {
903903
| <a name="input_appid"></a> [appid](#input\_appid) | The App ID instance to be used for the teleport vsi deployments | <pre>object({<br> name = optional(string)<br> resource_group = optional(string)<br> use_data = optional(bool)<br> keys = optional(list(string))<br> use_appid = bool<br> })</pre> | <pre>{<br> "use_appid": false<br>}</pre> | no |
904904
| <a name="input_atracker"></a> [atracker](#input\_atracker) | atracker variables | <pre>object({<br> resource_group = string<br> receive_global_events = bool<br> collector_bucket_name = string<br> add_route = bool<br> })</pre> | n/a | yes |
905905
| <a name="input_clusters"></a> [clusters](#input\_clusters) | A list describing clusters workloads to create | <pre>list(<br> object({<br> name = string # Name of Cluster<br> vpc_name = string # Name of VPC<br> subnet_names = list(string) # List of vpc subnets for cluster<br> workers_per_subnet = number # Worker nodes per subnet.<br> machine_type = string # Worker node flavor<br> kube_type = string # iks or openshift<br> kube_version = optional(string) # Can be a version from `ibmcloud ks versions`, `latest` or `default`<br> entitlement = optional(string) # entitlement option for openshift<br> pod_subnet = optional(string) # Portable subnet for pods<br> service_subnet = optional(string) # Portable subnet for services<br> resource_group = string # Resource Group used for cluster<br> cos_name = optional(string) # Name of COS instance Required only for OpenShift clusters<br> update_all_workers = optional(bool) # If true force workers to update<br> access_tags = optional(list(string), [])<br> boot_volume_crk_name = optional(string) # Boot volume encryption key name<br> kms_config = optional(<br> object({<br> crk_name = string # Name of key<br> private_endpoint = optional(bool) # Private endpoint<br> })<br> )<br> worker_pools = optional(<br> list(<br> object({<br> name = string # Worker pool name<br> vpc_name = string # VPC name<br> workers_per_subnet = number # Worker nodes per subnet<br> flavor = string # Worker node flavor<br> subnet_names = list(string) # List of vpc subnets for worker pool<br> entitlement = optional(string) # entitlement option for openshift<br> boot_volume_crk_name = optional(string) # Boot volume encryption key name<br> })<br> )<br> )<br> })<br> )</pre> | n/a | yes |
906-
| <a name="input_cos"></a> [cos](#input\_cos) | Object describing the cloud object storage instance, buckets, and keys. Set `use_data` to false to create instance | <pre>list(<br> object({<br> name = string<br> use_data = optional(bool)<br> resource_group = string<br> plan = optional(string)<br> random_suffix = optional(bool) # Use a random suffix for COS instance<br> access_tags = optional(list(string), [])<br> buckets = list(object({<br> name = string<br> storage_class = string<br> endpoint_type = string<br> force_delete = bool<br> single_site_location = optional(string)<br> region_location = optional(string)<br> cross_region_location = optional(string)<br> kms_key = optional(string)<br> access_tags = optional(list(string), [])<br> allowed_ip = optional(list(string))<br> hard_quota = optional(number)<br> archive_rule = optional(object({<br> days = number<br> enable = bool<br> rule_id = optional(string)<br> type = string<br> }))<br> activity_tracking = optional(object({<br> activity_tracker_crn = string<br> read_data_events = bool<br> write_data_events = bool<br> }))<br> metrics_monitoring = optional(object({<br> metrics_monitoring_crn = string<br> request_metrics_enabled = optional(bool)<br> usage_metrics_enabled = optional(bool)<br> }))<br> }))<br> keys = optional(<br> list(object({<br> name = string<br> role = string<br> enable_HMAC = bool<br> }))<br> )<br><br> })<br> )</pre> | n/a | yes |
906+
| <a name="input_cos"></a> [cos](#input\_cos) | Object describing the cloud object storage instance, buckets, and keys. Set `use_data` to false to create instance | <pre>list(<br> object({<br> name = string<br> use_data = optional(bool)<br> resource_group = string<br> plan = optional(string)<br> random_suffix = optional(bool) # Use a random suffix for COS instance<br> access_tags = optional(list(string), [])<br> buckets = list(object({<br> name = string<br> storage_class = string<br> endpoint_type = string<br> force_delete = bool<br> single_site_location = optional(string)<br> region_location = optional(string)<br> cross_region_location = optional(string)<br> kms_key = optional(string)<br> access_tags = optional(list(string), [])<br> allowed_ip = optional(list(string))<br> hard_quota = optional(number)<br> archive_rule = optional(object({<br> days = number<br> enable = bool<br> rule_id = optional(string)<br> type = string<br> }))<br> expire_rule = optional(object({<br> days = optional(number)<br> date = optional(string)<br> enable = bool<br> expired_object_delete_marker = optional(string)<br> prefix = optional(string)<br> rule_id = optional(string)<br> }))<br> activity_tracking = optional(object({<br> activity_tracker_crn = string<br> read_data_events = bool<br> write_data_events = bool<br> }))<br> metrics_monitoring = optional(object({<br> metrics_monitoring_crn = string<br> request_metrics_enabled = optional(bool)<br> usage_metrics_enabled = optional(bool)<br> }))<br> }))<br> keys = optional(<br> list(object({<br> name = string<br> role = string<br> enable_HMAC = bool<br> }))<br> )<br><br> })<br> )</pre> | n/a | yes |
907907
| <a name="input_enable_transit_gateway"></a> [enable\_transit\_gateway](#input\_enable\_transit\_gateway) | Create transit gateway | `bool` | `true` | no |
908908
| <a name="input_f5_template_data"></a> [f5\_template\_data](#input\_f5\_template\_data) | Data for all f5 templates | <pre>object({<br> tmos_admin_password = optional(string)<br> license_type = optional(string)<br> byol_license_basekey = optional(string)<br> license_host = optional(string)<br> license_username = optional(string)<br> license_password = optional(string)<br> license_pool = optional(string)<br> license_sku_keyword_1 = optional(string)<br> license_sku_keyword_2 = optional(string)<br> license_unit_of_measure = optional(string)<br> do_declaration_url = optional(string)<br> as3_declaration_url = optional(string)<br> ts_declaration_url = optional(string)<br> phone_home_url = optional(string)<br> template_source = optional(string)<br> template_version = optional(string)<br> app_id = optional(string)<br> tgactive_url = optional(string)<br> tgstandby_url = optional(string)<br> tgrefresh_url = optional(string)<br> })</pre> | <pre>{<br> "license_type": "none"<br>}</pre> | no |
909909
| <a name="input_f5_vsi"></a> [f5\_vsi](#input\_f5\_vsi) | A list describing F5 VSI workloads to create | <pre>list(<br> object({<br> name = string<br> vpc_name = string<br> primary_subnet_name = string<br> secondary_subnet_names = list(string)<br> secondary_subnet_security_group_names = list(<br> object({<br> group_name = string<br> interface_name = string<br> })<br> )<br> ssh_keys = list(string)<br> f5_image_name = string<br> machine_type = string<br> resource_group = optional(string)<br> enable_management_floating_ip = optional(bool)<br> enable_external_floating_ip = optional(bool)<br> security_groups = optional(list(string))<br> boot_volume_encryption_key_name = optional(string)<br> hostname = string<br> domain = string<br> access_tags = optional(list(string), [])<br> security_group = optional(<br> object({<br> name = string<br> rules = list(<br> object({<br> name = string<br> direction = string<br> source = string<br> tcp = optional(<br> object({<br> port_max = number<br> port_min = number<br> })<br> )<br> udp = optional(<br> object({<br> port_max = number<br> port_min = number<br> })<br> )<br> icmp = optional(<br> object({<br> type = number<br> code = number<br> })<br> )<br> })<br> )<br> })<br> )<br> block_storage_volumes = optional(list(<br> object({<br> name = string<br> profile = string<br> capacity = optional(number)<br> iops = optional(number)<br> encryption_key = optional(string)<br> })<br> ))<br> load_balancers = optional(list(<br> object({<br> name = string<br> type = string<br> listener_port = number<br> listener_protocol = string<br> connection_limit = number<br> algorithm = string<br> protocol = string<br> health_delay = number<br> health_retries = number<br> health_timeout = number<br> health_type = string<br> pool_member_port = string<br> idle_connection_timeout = optional(number)<br> security_group = optional(<br> object({<br> name = string<br> rules = list(<br> object({<br> name = string<br> direction = string<br> source = string<br> tcp = optional(<br> object({<br> port_max = number<br> port_min = number<br> })<br> )<br> udp = optional(<br> object({<br> port_max = number<br> port_min = number<br> })<br> )<br> icmp = optional(<br> object({<br> type = number<br> code = number<br> })<br> )<br> })<br> )<br> })<br> )<br> })<br> ))<br> })<br> )</pre> | `[]` | no |

cos.tf

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -98,6 +98,23 @@ resource "ibm_cos_bucket" "buckets" {
9898
key.crn if key.name == each.value.kms_key
9999
][0]
100100

101+
dynamic "expire_rule" {
102+
for_each = (
103+
each.value.expire_rule == null
104+
? []
105+
: [each.value.expire_rule]
106+
)
107+
108+
content {
109+
days = expire_rule.value.days
110+
date = expire_rule.value.date
111+
enable = expire_rule.value.enable
112+
expired_object_delete_marker = expire_rule.value.expired_object_delete_marker
113+
prefix = expire_rule.value.prefix
114+
rule_id = expire_rule.value.rule_id
115+
}
116+
}
117+
101118
dynamic "archive_rule" {
102119
for_each = (
103120
each.value.archive_rule == null

patterns/mixed/override.json

Lines changed: 78 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,32 @@
5050
"force_delete": true,
5151
"kms_key": "slz-atracker-key",
5252
"name": "atracker-bucket",
53-
"storage_class": "standard"
53+
"storage_class": "standard",
54+
"region_location": "us-south",
55+
"hard_quota": 0,
56+
"allowed_ip": ["10.10.10.10/24"],
57+
"expire_rule": {
58+
"rule_id": "a-bucket-expire-rule",
59+
"enable": true,
60+
"days": 30,
61+
"prefix": "logs/"
62+
},
63+
"archive_rule": {
64+
"rule_id": "a-bucket-arch-rule",
65+
"enable": true,
66+
"days": 0,
67+
"type": "GLACIER"
68+
},
69+
"activity_tracking": {
70+
"read_data_events": true,
71+
"write_data_events": true,
72+
"activity_tracker_crn": "activity-tracker-crn"
73+
},
74+
"metrics_monitoring": {
75+
"usage_metrics_enabled": true,
76+
"request_metrics_enabled": true,
77+
"metrics_monitoring_crn": "metrics-monitor-crn"
78+
}
5479
}
5580
],
5681
"keys": [
@@ -72,14 +97,64 @@
7297
"force_delete": true,
7398
"kms_key": "slz-slz-key",
7499
"name": "management-bucket",
75-
"storage_class": "standard"
100+
"storage_class": "standard",
101+
"region_location": "us-south",
102+
"hard_quota": 0,
103+
"allowed_ip": ["10.10.10.10/24"],
104+
"expire_rule": {
105+
"rule_id": "a-bucket-expire-rule",
106+
"enable": true,
107+
"days": 30,
108+
"prefix": "logs/"
109+
},
110+
"archive_rule": {
111+
"rule_id": "a-bucket-arch-rule",
112+
"enable": true,
113+
"days": 0,
114+
"type": "GLACIER"
115+
},
116+
"activity_tracking": {
117+
"read_data_events": true,
118+
"write_data_events": true,
119+
"activity_tracker_crn": "activity-tracker-crn"
120+
},
121+
"metrics_monitoring": {
122+
"usage_metrics_enabled": true,
123+
"request_metrics_enabled": true,
124+
"metrics_monitoring_crn": "metrics-monitor-crn"
125+
}
76126
},
77127
{
78128
"endpoint_type": "public",
79129
"force_delete": true,
80130
"kms_key": "slz-slz-key",
81131
"name": "workload-bucket",
82-
"storage_class": "standard"
132+
"storage_class": "standard",
133+
"region_location": "us-south",
134+
"hard_quota": 0,
135+
"allowed_ip": ["10.10.10.10/24"],
136+
"expire_rule": {
137+
"rule_id": "a-bucket-expire-rule",
138+
"enable": true,
139+
"days": 30,
140+
"prefix": "logs/"
141+
},
142+
"archive_rule": {
143+
"rule_id": "a-bucket-arch-rule",
144+
"enable": true,
145+
"days": 0,
146+
"type": "GLACIER"
147+
},
148+
"activity_tracking": {
149+
"read_data_events": true,
150+
"write_data_events": true,
151+
"activity_tracker_crn": "activity-tracker-crn"
152+
},
153+
"metrics_monitoring": {
154+
"usage_metrics_enabled": true,
155+
"request_metrics_enabled": true,
156+
"metrics_monitoring_crn": "metrics-monitor-crn"
157+
}
83158
}
84159
],
85160
"keys": [],

0 commit comments

Comments
 (0)