-
Notifications
You must be signed in to change notification settings - Fork 53
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(obs): import obs resource and add unit test and docs for 10sp2 p…
…roject
- Loading branch information
1 parent
02543dd
commit 96338c1
Showing
10 changed files
with
1,159 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
--- | ||
subcategory: "Object Storage Service (OBS)" | ||
--- | ||
|
||
# flexibleengine_obs_bucket_object | ||
|
||
Use this data source to get info of special FlexibleEngine obs object. | ||
|
||
```hcl | ||
data "flexibleengine_obs_bucket_object" "object" { | ||
bucket = "my-test-bucket" | ||
key = "new-key" | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
The following arguments are supported: | ||
|
||
* `region` - (Optional, String) The region in which to obtain the OBS object. If omitted, the provider-level region will | ||
be used. | ||
|
||
* `bucket` - (Required, String) The name of the bucket to put the file in. | ||
|
||
* `key` - (Required, String) The name of the object once it is in the bucket. | ||
|
||
## Attribute Reference | ||
|
||
In addition to all arguments above, the following attributes are exported: | ||
|
||
* `id` - the `key` of the resource supplied above. | ||
|
||
* `etag` - the ETag generated for the object (an MD5 sum of the object content). When the object is encrypted on the | ||
server side, the ETag value is not the MD5 value of the object, but the unique identifier calculated through the | ||
server-side encryption. | ||
|
||
* `size` - the size of the object in bytes. | ||
|
||
* `version_id` - a unique version ID value for the object, if bucket versioning is enabled. | ||
|
||
* `storage_class` - specifies the storage class of the object. | ||
|
||
* `content_type` - a standard MIME type describing the format of the object data, e.g. application/octet-stream. All | ||
Valid MIME Types are valid for this input. | ||
|
||
* `body` - The content of an object which is available only for objects which have a human-readable Content-Type | ||
(text/* and application/json) and smaller than **64KB**. This is to prevent printing unsafe characters and | ||
potentially downloading large amount of data. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
--- | ||
subcategory: "Object Storage Service (OBS)" | ||
--- | ||
|
||
# flexibleengine_obs_buckets | ||
|
||
Use this data source to get all OBS buckets. | ||
|
||
```hcl | ||
data "flexibleengine_obs_buckets" "buckets" { | ||
bucket = "your-bucket-name" | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
The following arguments are supported: | ||
|
||
* `region` - (Optional, String) The region in which to obtain the OBS bucket. | ||
If omitted, the provider-level region will be used. | ||
|
||
* `bucket` - (Optional, String) The name of the OBS bucket. | ||
|
||
* `enterprise_project_id` - (Optional, String) The enterprise project id of the OBS bucket. | ||
|
||
## Attribute Reference | ||
|
||
In addition to all arguments above, the following attributes are exported: | ||
|
||
* `id` - The ID of the list. | ||
|
||
* `buckets` - A list of OBS buckets. | ||
|
||
The `buckets` block supports: | ||
|
||
* `region` - The region where the OBS bucket belongs. | ||
|
||
* `bucket` - The name of the OBS bucket. | ||
|
||
* `enterprise_project_id` - The enterprise project id of the OBS bucket. | ||
|
||
* `storage_class` - The storage class of the OBS bucket. | ||
|
||
* `created_at` - The date when the OBS bucket was created. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,104 @@ | ||
--- | ||
subcategory: "Object Storage Service (OBS)" | ||
--- | ||
|
||
# flexibleengine_obs_bucket_object_acl | ||
|
||
Manages an OBS bucket object acl resource within FlexibleEngine. | ||
|
||
-> **NOTE:** When creating or updating the OBS bucket object acl, the original object acl will be overwritten. When | ||
deleting the OBS bucket object acl, only the owner permissions will be retained, and the other permissions will be | ||
removed. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
variable "bucket" {} | ||
variable "key" {} | ||
variable "account1" {} | ||
variable "account2" {} | ||
resource "flexibleengine_obs_bucket_object_acl" "test" { | ||
bucket = var.bucket | ||
key = var.key | ||
account_permission { | ||
access_to_object = ["READ"] | ||
access_to_acl = ["READ_ACP", "WRITE_ACP"] | ||
account_id = var.account1 | ||
} | ||
account_permission { | ||
access_to_object = ["READ"] | ||
access_to_acl = ["READ_ACP"] | ||
account_id = var.account2 | ||
} | ||
public_permission { | ||
access_to_acl = ["READ_ACP", "WRITE_ACP"] | ||
} | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
The following arguments are supported: | ||
|
||
* `region` - (Optional, String, ForceNew) Specifies the region in which to create the resource. | ||
If omitted, the provider-level region will be used. | ||
|
||
Changing this parameter will create a new resource. | ||
|
||
* `bucket` - (Required, String, ForceNew) Specifies the name of the bucket which the object belongs to. | ||
|
||
Changing this parameter will create a new resource. | ||
|
||
* `key` - (Required, String, ForceNew) Specifies the name of the object to which to set the acl. | ||
|
||
Changing this parameter will create a new resource. | ||
|
||
* `public_permission` - (Optional, List) Specifies the object public permission. | ||
The [permission_struct](#OBSBucketObjectAcl_permission_struct) structure is documented below. | ||
|
||
* `account_permission` - (Optional, List) Specifies the object account permissions. | ||
The [account_permission_struct](#OBSBucketObjectAcl_account_permission_struct) structure is documented below. | ||
|
||
<a name="OBSBucketObjectAcl_permission_struct"></a> | ||
The `permission_struct` block supports: | ||
|
||
* `access_to_object` - (Optional, List) Specifies the access to object. Only **READ** supported. | ||
|
||
* `access_to_acl` - (Optional, List) Specifies the access to acl. Valid values are **READ_ACP** and **WRITE_ACP**. | ||
|
||
<a name="OBSBucketObjectAcl_account_permission_struct"></a> | ||
The `account_permission_struct` block supports: | ||
|
||
* `account_id` - (Required, String) Specifies the account id to authorize. The account id cannot be the object owner, | ||
and must be unique. | ||
|
||
* `access_to_object` - (Optional, List) Specifies the access to object. Only **READ** supported. | ||
|
||
* `access_to_acl` - (Optional, List) Specifies the access to acl. Valid values are **READ_ACP** and **WRITE_ACP**. | ||
|
||
## Attribute Reference | ||
|
||
In addition to all arguments above, the following attributes are exported: | ||
|
||
* `id` - The name of the bucket object key. | ||
* `owner_permission` - The object owner permission information. | ||
The [owner_permission_struct](#OBSBucketObjectAcl_owner_permission_struct) structure is documented below. | ||
|
||
<a name="OBSBucketObjectAcl_owner_permission_struct"></a> | ||
The `owner_permission_struct` block supports: | ||
|
||
* `access_to_object` - The owner object permissions. | ||
|
||
* `access_to_acl` - The owner acl permissions. | ||
|
||
## Import | ||
|
||
The obs bucket object acl can be imported using `bucket` and `key`, separated by a slash, e.g. | ||
|
||
```bash | ||
$ terraform import flexibleengine_obs_bucket_object_acl.test <bucket>/<key> | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
--- | ||
subcategory: "Object Storage Service (OBS)" | ||
--- | ||
|
||
# flexibleengine_obs_bucket_policy | ||
|
||
Attaches a policy to an OBS bucket resource. | ||
|
||
-> **NOTE:** When creating or updating the OBS bucket policy, the original policy will be overwritten. | ||
|
||
## Example Usage | ||
|
||
### Policy with OBS format | ||
|
||
```hcl | ||
resource "flexibleengine_obs_bucket" "bucket" { | ||
bucket = "my-test-bucket" | ||
} | ||
resource "flexibleengine_obs_bucket_policy" "policy" { | ||
bucket = flexibleengine_obs_bucket.bucket.id | ||
policy = <<POLICY | ||
{ | ||
"Statement": [ | ||
{ | ||
"Sid": "AddPerm", | ||
"Effect": "Allow", | ||
"Principal": {"ID": "*"}, | ||
"Action": ["GetObject"], | ||
"Resource": "my-test-bucket/*" | ||
} | ||
] | ||
} | ||
POLICY | ||
} | ||
``` | ||
|
||
### Policy with S3 format | ||
|
||
```hcl | ||
resource "flexibleengine_obs_bucket" "bucket" { | ||
bucket = "my-test-bucket" | ||
} | ||
resource "flexibleengine_obs_bucket_policy" "s3_policy" { | ||
bucket = flexibleengine_obs_bucket.bucket.id | ||
policy_format = "s3" | ||
policy = <<POLICY | ||
{ | ||
"Version": "2008-10-17", | ||
"Id": "MYBUCKETPOLICY", | ||
"Statement": [ | ||
{ | ||
"Sid": "IPAllow", | ||
"Effect": "Allow", | ||
"Principal": "*", | ||
"Action": "s3:*", | ||
"Resource": "arn:aws:s3:::my-test-bucket/*", | ||
"Condition": { | ||
"IpAddress": {"aws:SourceIp": "8.8.8.8/32"} | ||
} | ||
} | ||
] | ||
} | ||
POLICY | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
The following arguments are supported: | ||
|
||
* `region` - (Optional, String, ForceNew) The region in which to create the OBS bucket policy resource. If omitted, the | ||
provider-level region will be used. Changing this creates a new OBS bucket policy resource. | ||
|
||
* `bucket` - (Required, String, ForceNew) Specifies the name of the bucket to which to apply the policy. | ||
|
||
* `policy` - (Required, String) Specifies the text of the bucket policy in JSON format. For more information about obs | ||
format bucket policy, | ||
see the [Developer Guide](https://docs.prod-cloud-ocb.orange-business.com/usermanual/obs/en-us_topic_0045853745.html). | ||
|
||
* `policy_format` - (Optional, String) Specifies the policy format, the supported values are *obs* and *s3*. Defaults | ||
to *obs* . | ||
|
||
## Attribute Reference | ||
|
||
In addition to all arguments above, the following attributes are exported: | ||
|
||
* `id` - Specifies a resource ID in UUID format. | ||
|
||
## Import | ||
|
||
OBS format bucket policy can be imported using the `<bucket>`, e.g. | ||
|
||
``` | ||
$ terraform import flexibleengine_obs_bucket_policy.policy <bucket-name> | ||
``` | ||
|
||
S3 foramt bucket policy can be imported using the `<bucket>` and "s3" by a slash, e.g. | ||
|
||
``` | ||
$ terraform import flexibleengine_obs_bucket_policy.s3_policy <bucket-name>/s3 | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.