We value your privacy
The module creates an object storage bucket in DigitalOcean Spaces. Spaces Object Storage is an Amazon S3-compatible object storage service.
Allows configuring essential parameters:
Once you have a Corewide Solutions Portal account, this one-time action will use your browser session to retrieve credentials:
shellterraform login solutions.corewide.com
Initialize mandatory providers:
Copy and paste into your Terraform configuration and insert the variables:
hclmodule "tf_do_spaces_bucket" {
source = "solutions.corewide.com/digitalocean/tf-do-spaces-bucket/digitalocean"
version = "~> 1.1.0"
# specify module inputs here or try one of the examples below
...
}
Initialize the setup:
shellterraform init
Corewide DevOps team strictly follows Semantic Versioning
Specification
to
provide our clients with products that have predictable upgrades between versions. We
recommend
pinning
patch versions of our modules using pessimistic
constraint operator (~>) to prevent breaking changes during upgrades.
To get new features during the upgrades (without breaking compatibility), use
~> 1.1 and run
terraform init -upgrade
For the safest setup, use strict pinning with version = "1.1.0"
The module creates an object storage bucket in DigitalOcean Spaces. Spaces Object Storage is an Amazon S3-compatible object storage service.
Allows configuring essential parameters:
All notable changes to this project are documented here.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
cors_parameters variableFirst stable version
Simple configuration with publicly accessible storage:
hclmodule "spaces" {
source = "solutions.corewide.com/digitalocean/tf-do-spaces-bucket/digitalocean"
version = "~> 1.1"
name = "foo"
region = "fra1"
access_mode = "public-read"
}
Minimal setup with default parameters:
hclmodule "spaces" {
source = "solutions.corewide.com/digitalocean/tf-do-spaces-bucket/digitalocean"
version = "~> 1.1"
name = "foo"
region = "fra1"
}
Setup with custom configuration, versioning enabled, access_mode is private, policy assigned, and a cors_parameters set:
hclmodule "spaces" {
source = "solutions.corewide.com/digitalocean/tf-do-spaces-bucket/digitalocean"
version = "~> 1.1"
name = "foo"
region = "fra1"
access_mode = "private"
versioning = true
bucket_policies = {
policy-deny-delete-objects = jsonencode({
Version = "2012-10-17"
Statement = [
{
Effect = "Deny"
Principal = "*"
Action = [
"s3:DeleteObject",
]
Resource = [
"arn:aws:s3:::${module.spaces.bucket.name}/protected/*",
]
}
]
})
policy-allow-read-write-bucket = jsonencode({
Version = "2012-10-17"
Statement = [
{
Effect = "Allow"
Principal = "*"
Action = [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteBucket",
"s3:ListBucket",
]
Resource = [
"arn:aws:s3:::${module.spaces.bucket.name}",
"arn:aws:s3:::${module.spaces.bucket.name}/*",
]
}
]
})
}
cors_parameters = [
{
allowed_methods = ["GET", "POST"]
allowed_origins = ["frontend.mydomain.com"]
},
{
allowed_methods = ["DELETE", "GET", "HEAD", "POST", "PUT"]
allowed_origins = ["backend.mydomain.com"]
},
]
}
| Variable | Description | Type | Default | Required | Sensitive |
|---|---|---|---|---|---|
name |
Spaces bucket name. Maximum length is 63 characters (56 characters when add_random_suffix is enabled) |
string |
yes | no | |
region |
DigitalOcean region to create resources in | string |
yes | no | |
access_mode |
Spaces bucket access mode. Allowed values: private, public-read |
string |
private |
no | no |
add_random_suffix |
Append a random suffix to the bucket name to ensure uniqueness. Please note: modifying this variable will trigger the re-creation of the bucket | bool |
false |
no | no |
bucket_policies |
JSON-formatted policies to attach to the bucket. Each policy should be a single JSON object in string format | map(string) |
{} |
no | no |
cors_parameters |
A set of parameters for the Spaces bucket CORS configurations | list(object) |
[] |
no | no |
cors_parameters[*].allowed_headers |
Set of Headers that are specified in the Access-Control-Request-Headers header | list(string) |
['*'] |
no | no |
cors_parameters[*].allowed_methods |
Set of HTTP methods that are allowed for the origin to execute. Possible values are DELETE, GET, HEAD, POST, and PUT |
list(string) |
['DELETE', 'GET', 'HEAD', 'POST', 'PUT'] |
no | no |
cors_parameters[*].allowed_origins |
Set of origins that the web users will be able to access the bucket from | list(string) |
yes | no | |
cors_parameters[*].expose_headers |
Set of headers in the response that the web users will be able to access from their applications | list(string) |
['ETag'] |
no | no |
cors_parameters[*].max_age_seconds |
Time in seconds that the browser caches the preflight response for the specified resource | number |
3000 |
no | no |
versioning |
Enable versioning for the bucket | bool |
true |
no | no |
| Output | Description | Type | Sensitive |
|---|---|---|---|
bucket |
Contains all the Spaces Bucket attributes | resource |
no |
| Dependency | Version | Kind |
|---|---|---|
terraform |
>= 1.1 |
CLI |
digitalocean/digitalocean |
~> 2.18 |
provider |
hashicorp/random |
~> 3.6 |
provider |
