diff --git a/modules/dns-bucket/README.md b/modules/dns-bucket/README.md
index cfe5de2..d37120b 100644
--- a/modules/dns-bucket/README.md
+++ b/modules/dns-bucket/README.md
@@ -28,9 +28,9 @@ A basic module used to create Route53 Zone and S3 Buckets.
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | 5.76.0 |
-| [aws.source](#provider\_aws.source) | 5.76.0 |
-| [aws.target](#provider\_aws.target) | 5.76.0 |
+| [aws](#provider\_aws) | 5.75.0 |
+| [aws.source](#provider\_aws.source) | 5.75.0 |
+| [aws.target](#provider\_aws.target) | 5.75.0 |
## Modules
@@ -42,6 +42,7 @@ No modules.
|------|------|
| [aws_route53_record.delegate](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
| [aws_route53_zone.zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource |
+| [aws_s3_bucket.loki](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [aws_s3_bucket.tiered_storage](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [aws_s3_bucket.velero](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [aws_s3_bucket_server_side_encryption_configuration.velero](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration) | resource |
@@ -52,11 +53,14 @@ No modules.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
+| [bucket\_location](#input\_bucket\_location) | The location of the bucket | `string` | n/a | yes |
| [custom\_dns\_zone\_id](#input\_custom\_dns\_zone\_id) | if specified, then a streamnative zone will not be created, and this zone will be used instead. Otherwise, we will provision a new zone and delegate access | `string` | `""` | no |
| [custom\_dns\_zone\_name](#input\_custom\_dns\_zone\_name) | must be passed if custom\_dns\_zone\_id is passed, this is the zone name to use | `string` | `""` | no |
+| [enable\_loki](#input\_enable\_loki) | Enable loki storage bucket creation | `bool` | `false` | no |
| [extra\_aws\_tags](#input\_extra\_aws\_tags) | Additional to apply to the resources. Note that this module sets the tags Name, Type, and Vendor by default. They can be overwritten, but it is not recommended. | `map(string)` | `{}` | no |
| [parent\_zone\_name](#input\_parent\_zone\_name) | The parent zone in which we create the delegation records | `string` | n/a | yes |
| [pm\_name](#input\_pm\_name) | The name of the poolmember, for new clusters, this should be like `pm-` | `string` | n/a | yes |
+| [pm\_namespace](#input\_pm\_namespace) | The namespace of the poolmember | `string` | n/a | yes |
| [s3\_encryption\_kms\_key\_arn](#input\_s3\_encryption\_kms\_key\_arn) | KMS key ARN to use for S3 encryption. If not set, the default AWS S3 key will be used. | `string` | `""` | no |
## Outputs
@@ -65,6 +69,7 @@ No modules.
|------|-------------|
| [backup\_bucket](#output\_backup\_bucket) | n/a |
| [backup\_bucket\_kms\_key\_id](#output\_backup\_bucket\_kms\_key\_id) | n/a |
+| [loki\_bucket](#output\_loki\_bucket) | n/a |
| [tiered\_storage\_bucket](#output\_tiered\_storage\_bucket) | n/a |
| [zone\_id](#output\_zone\_id) | n/a |
| [zone\_name](#output\_zone\_name) | n/a |
diff --git a/modules/dns-bucket/bucket.tf b/modules/dns-bucket/bucket.tf
index 7fdf755..4c69bd8 100644
--- a/modules/dns-bucket/bucket.tf
+++ b/modules/dns-bucket/bucket.tf
@@ -13,27 +13,25 @@
# limitations under the License.
resource "aws_s3_bucket" "velero" {
+ provider = aws.target
bucket = format("%s-cluster-backup-snc", var.pm_name)
tags = merge({ "Attributes" = "backup", "Name" = "velero-backups" }, local.tags)
force_destroy = true
-
- lifecycle {
- ignore_changes = [
- bucket,
- ]
- }
}
resource "aws_s3_bucket" "tiered_storage" {
+ provider = aws.target
bucket = format("%s-tiered-storage-snc", var.pm_name)
tags = merge({ "Attributes" = "tiered-storage" }, local.tags)
force_destroy = true
+}
- lifecycle {
- ignore_changes = [
- bucket,
- ]
- }
+resource "aws_s3_bucket" "loki" {
+ count = var.enable_loki ? 1 : 0
+ provider = aws.source
+ bucket = format("loki-%s-%s", var.pm_namespace, var.pm_name)
+ tags = merge({ "Attributes" = "loki", "Name" = "logs-byoc" }, local.tags)
+ force_destroy = true
}
data "aws_kms_key" "s3_default" {
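Review bot: Removing `lifecycle { ignore_changes = [bucket] }` from `velero` and `tiered_storage` while both keep `force_destroy = true` means an existing stack whose bucket name differs from the `format(...)` result will plan a replacement, and the destroy step will then delete the stored backups and offloaded data without an error. The added `provider = aws.target` on these existing resources deserves the same check of the plan against a live stack before rollout; `lifecycle { prevent_destroy = true }` on the two data buckets would turn an accidental replacement into a failed plan. The new `loki` bucket is the only one placed on `aws.source`, and since the account decides who can read the logs, a comment such as `# loki bucket is created in the aws.source account on purpose: <reason>` would record that this is intended. Judging by the README resource table in this commit, `loki` gets no `aws_s3_bucket_server_side_encryption_configuration` of its own, so `var.s3_encryption_kms_key_arn` would presumably not apply to the log bucket.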
diff --git a/modules/dns-bucket/outputs.tf b/modules/dns-bucket/outputs.tf
index 970b59c..1682f7c 100644
--- a/modules/dns-bucket/outputs.tf
+++ b/modules/dns-bucket/outputs.tf
@@ -30,4 +30,8 @@ output "backup_bucket_kms_key_id" {
output "tiered_storage_bucket" {
value = aws_s3_bucket.tiered_storage.bucket
+}
+
+output "loki_bucket" {
+ value = var.enable_loki ? aws_s3_bucket.loki[0].bucket : ""
}
\ No newline at end of file
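Review bot: `loki_bucket` is added without a `description`, which is why the README table in this commit shows `n/a` for it. Something like `description = "Name of the Loki log bucket, or an empty string when enable_loki is false"` would document the empty-string case that callers have to handle. The ternary repeats the `count` condition from bucket.tf, so the two need to be kept in step if that condition changes.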
diff --git a/modules/dns-bucket/variables.tf b/modules/dns-bucket/variables.tf
index 90670ab..983065b 100644
--- a/modules/dns-bucket/variables.tf
+++ b/modules/dns-bucket/variables.tf
@@ -12,6 +12,11 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+variable "pm_namespace" {
+ type = string
+ description = "The namespace of the poolmember"
+}
+
variable "pm_name" {
description = "The name of the poolmember, for new clusters, this should be like `pm-`"
type = string
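Review bot: `pm_namespace` is a new required input with no validation, yet bucket.tf interpolates it straight into the bucket name `loki-<pm_namespace>-<pm_name>`. A value with uppercase letters, underscores or other characters S3 rejects will only fail at apply time, and the combined name can exceed the 63-character bucket-name limit. A `validation` block on the variable would surface this at plan time; the length check depends on `pm_name` as well and may be easier to express as a precondition next to the bucket. Because the variable has no default, every existing caller of the module breaks until it passes a value, even with `enable_loki = false`. The README in this commit also lists a required `bucket_location` input that none of the variables.tf hunks declare, so that is worth confirming unless it is declared elsewhere.

```hcl
variable "pm_namespace" {
  type        = string
  description = "The namespace of the poolmember"

  validation {
    condition     = can(regex("^[a-z0-9][a-z0-9-]*$", var.pm_namespace))
    error_message = "The pm_namespace value must contain only lowercase letters, digits and hyphens, because it becomes part of an S3 bucket name."
  }
}
```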
@@ -51,3 +56,9 @@ locals {
"Vendor" = "StreamNative"
}, var.extra_aws_tags)
}
+
+variable "enable_loki" {
+ type = bool
+ default = false
+ description = "Enable loki storage bucket creation"
+}
\ No newline at end of file