-
Notifications
You must be signed in to change notification settings - Fork 1
/
main.tf
44 lines (39 loc) · 1.43 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
data "ibm_resource_group" "group" {
name = var.resource_group
}
resource ibm_resource_instance cos {
name = "${var.basename}-cos"
resource_group_id = ibm_resource_group.group.id
service = "cloud-object-storage"
plan = "standard"
location = "global"
tags = concat(var.tags, ["service"])
}
resource ibm_resource_key cos_key {
name = "${var.basename}-cos-key"
resource_instance_id = ibm_resource_instance.cos.id
role = "Writer"
parameters = {
service-endpoints = "private"
HMAC = true
}
}
resource ibm_cos_bucket bucket {
bucket_name = "${var.basename}-bucket"
resource_instance_id = ibm_resource_instance.cos.id
region_location = var.region
storage_class = "smart"
}
resource null_resource delete_objects {
triggers = {
ACCESS_KEY = ibm_resource_key.cos_key.credentials["cos_hmac_keys.access_key_id"]
SECRET_ACCESS_KEY = ibm_resource_key.cos_key.credentials["cos_hmac_keys.secret_access_key"]
COS_REGION = var.region
COS_BUCKET_NAME = ibm_cos_bucket.bucket.bucket_name
}
provisioner "local-exec" {
when = destroy
command = "./delete-cos-objects.sh ${self.triggers.COS_REGION} ${self.triggers.ACCESS_KEY} ${self.triggers.SECRET_ACCESS_KEY} ${self.triggers.COS_BUCKET_NAME} "
}
depends_on = [ibm_resource_key.cos_key,ibm_cos_bucket.bucket]
}