diff --git a/README.md b/README.md index e2cf9ae7..219f244b 100644 --- a/README.md +++ b/README.md @@ -118,6 +118,7 @@ determining that location is as follows: | bucket\_location | The location for a GCS bucket to create (optional) | `string` | `"US"` | no | | bucket\_name | A name for a GCS bucket to create (in the bucket\_project project), useful for Terraform state (optional) | `string` | `""` | no | | bucket\_project | A project to create a GCS bucket (bucket\_name) in, useful for Terraform state (optional) | `string` | `""` | no | +| bucket\_ula | Enable Uniform Bucket Level Access | `bool` | `true` | no | | bucket\_versioning | Enable versioning for a GCS bucket to create (optional) | `bool` | `false` | no | | budget\_alert\_pubsub\_topic | The name of the Cloud Pub/Sub topic where budget related messages will be published, in the form of `projects/{project_id}/topics/{topic_id}` | `string` | `null` | no | | budget\_alert\_spent\_percents | A list of percentages of the budget to alert on when threshold is exceeded | `list(number)` | 
[
  0.5,
  0.7,
  1
]
| no | diff --git a/main.tf b/main.tf index dc52b14f..22dde235 100644 --- a/main.tf +++ b/main.tf @@ -58,6 +58,7 @@ module "project-factory" { bucket_versioning = var.bucket_versioning bucket_labels = var.bucket_labels bucket_force_destroy = var.bucket_force_destroy + bucket_ula = var.bucket_ula auto_create_network = var.auto_create_network disable_services_on_destroy = var.disable_services_on_destroy default_service_account = var.default_service_account diff --git a/modules/core_project_factory/main.tf b/modules/core_project_factory/main.tf index abf93554..308835af 100644 --- a/modules/core_project_factory/main.tf +++ b/modules/core_project_factory/main.tf @@ -278,11 +278,12 @@ resource "google_project_usage_export_bucket" "usage_report_export" { resource "google_storage_bucket" "project_bucket" { count = local.create_bucket ? 1 : 0 - name = local.project_bucket_name - project = var.bucket_project == local.base_project_id ? google_project.main.project_id : var.bucket_project - location = var.bucket_location - labels = var.bucket_labels - force_destroy = var.bucket_force_destroy + name = local.project_bucket_name + project = var.bucket_project == local.base_project_id ? google_project.main.project_id : var.bucket_project + location = var.bucket_location + labels = var.bucket_labels + force_destroy = var.bucket_force_destroy + uniform_bucket_level_access = var.bucket_ula versioning { enabled = var.bucket_versioning diff --git a/modules/core_project_factory/variables.tf b/modules/core_project_factory/variables.tf index 28a01cc8..20d96b02 100644 --- a/modules/core_project_factory/variables.tf +++ b/modules/core_project_factory/variables.tf @@ -187,6 +187,12 @@ variable "bucket_force_destroy" { default = false } +variable "bucket_ula" { + description = "Enable Uniform Bucket Level Access" + type = bool + default = true +} + variable "auto_create_network" { description = "Create the default network" type = bool diff --git a/variables.tf b/variables.tf index f88bc21a..d8fe7a92 100644 --- a/variables.tf +++ b/variables.tf @@ -187,6 +187,12 @@ variable "bucket_force_destroy" { default = false } +variable "bucket_ula" { + description = "Enable Uniform Bucket Level Access" + type = bool + default = true +} + variable "auto_create_network" { description = "Create the default network" type = bool