66 lines
1.7 KiB
HCL
66 lines
1.7 KiB
HCL
locals {
|
|
fqdn = "${var.domain}."
|
|
}
|
|
|
|
# =================================================================
|
|
# Public bucket for static content with uploader service account
|
|
# =================================================================
|
|
resource "google_project_service" "storage" {
|
|
disable_on_destroy = false
|
|
service = "storage.googleapis.com"
|
|
}
|
|
|
|
resource "google_service_account" "uploader_sa" {
|
|
account_id = "${var.prefix}-uploader-sa"
|
|
display_name = "Uploader Service Account"
|
|
}
|
|
|
|
resource "google_storage_bucket" "bucket" {
|
|
name = var.domain
|
|
depends_on = [google_project_service.storage]
|
|
|
|
location = var.gcs_location
|
|
uniform_bucket_level_access = false
|
|
website {
|
|
main_page_suffix = "index.html"
|
|
not_found_page = "index.html"
|
|
}
|
|
}
|
|
|
|
resource "google_storage_bucket_acl" "bucket_acl" {
|
|
bucket = google_storage_bucket.bucket.name
|
|
|
|
role_entity = [
|
|
"OWNER:project-owners-${var.project_number}",
|
|
"OWNER:project-editors-${var.project_number}",
|
|
"READER:project-viewers-${var.project_number}",
|
|
"OWNER:user-${google_service_account.uploader_sa.email}",
|
|
]
|
|
}
|
|
|
|
resource "google_storage_default_object_acl" "default_acl" {
|
|
bucket = google_storage_bucket.bucket.name
|
|
|
|
role_entity = [
|
|
"READER:allUsers",
|
|
"OWNER:project-owners-${var.project_number}",
|
|
"OWNER:project-editors-${var.project_number}",
|
|
"READER:project-viewers-${var.project_number}",
|
|
]
|
|
}
|
|
|
|
resource "google_storage_bucket_object" "index" {
|
|
name = "index.html"
|
|
source = "${path.module}/public/index.html"
|
|
bucket = google_storage_bucket.bucket.name
|
|
}
|
|
|
|
resource "google_dns_record_set" "dns_cname_record" {
|
|
name = local.fqdn
|
|
managed_zone = var.dns_zone
|
|
|
|
type = "CNAME"
|
|
ttl = var.dns_ttl
|
|
rrdatas = ["c.storage.googleapis.com."]
|
|
}
|