diff --git a/README.md b/README.md
index 9f297c85..73888604 100644
--- a/README.md
+++ b/README.md
@@ -46,12 +46,12 @@ Functional examples are included in the
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
-| admins | IAM-style members who will be granted roles/storage.objectAdmin on all buckets. | list | `` | no |
+| admins | IAM-style members who will be granted roles/storage.objectAdmin on all buckets. | list(string) | `` | no |
 | bucket\_admins | Map of lowercase unprefixed name => comma-delimited IAM-style bucket admins. | map | `` | no |
 | bucket\_creators | Map of lowercase unprefixed name => comma-delimited IAM-style bucket creators. | map | `` | no |
 | bucket\_policy\_only | Disable ad-hoc ACLs on specified buckets. Defaults to true. Map of lowercase unprefixed name => boolean | map | `` | no |
 | bucket\_viewers | Map of lowercase unprefixed name => comma-delimited IAM-style bucket viewers. | map | `` | no |
-| creators | IAM-style members who will be granted roles/storage.objectCreators on all buckets. | list | `` | no |
+| creators | IAM-style members who will be granted roles/storage.objectCreators on all buckets. | list(string) | `` | no |
 | encryption\_key\_names | Optional map of lowercase unprefixed name => string, empty strings are ignored. | map | `` | no |
 | force\_destroy | Optional map of lowercase unprefixed name => boolean, defaults to false. | map | `` | no |
 | labels | Labels to be attached to the buckets | map | `` | no |
@@ -60,12 +60,12 @@ Functional examples are included in the
 | names | Bucket name suffixes. | list(string) | n/a | yes |
 | prefix | Prefix used to generate the bucket name. | string | n/a | yes |
 | project\_id | Bucket project id. | string | n/a | yes |
-| set\_admin\_roles | Grant roles/storage.objectAdmin role to admins and bucket_admins. | string | `"false"` | no |
-| set\_creator\_roles | Grant roles/storage.objectCreator role to creators and bucket_creators. | string | `"false"` | no |
-| set\_viewer\_roles | Grant roles/storage.objectViewer role to viewers and bucket_viewers. | string | `"false"` | no |
+| set\_admin\_roles | Grant roles/storage.objectAdmin role to admins and bucket_admins. | bool | `"false"` | no |
+| set\_creator\_roles | Grant roles/storage.objectCreator role to creators and bucket_creators. | bool | `"false"` | no |
+| set\_viewer\_roles | Grant roles/storage.objectViewer role to viewers and bucket_viewers. | bool | `"false"` | no |
 | storage\_class | Bucket storage class. | string | `"MULTI_REGIONAL"` | no |
 | versioning | Optional map of lowercase unprefixed name => boolean, defaults to false. | map | `` | no |
-| viewers | IAM-style members who will be granted roles/storage.objectViewer on all buckets. | list | `` | no |
+| viewers | IAM-style members who will be granted roles/storage.objectViewer on all buckets. | list(string) | `` | no |
 ## Outputs
diff --git a/variables.tf b/variables.tf
index 22570cdd..83851d12 100644
--- a/variables.tf
+++ b/variables.tf
@@ -16,10 +16,12 @@
 variable "project_id" {
 description = "Bucket project id."
+ type = string
 }
 variable "prefix" {
 description = "Prefix used to generate the bucket name."
+ type = string
 }
 variable "names" {
@@ -29,66 +31,79 @@ variable "names" {
 variable "location" {
 description = "Bucket location."
+ type = string
 default = "EU"
 }
 variable "storage_class" {
 description = "Bucket storage class."
+ type = string
 default = "MULTI_REGIONAL"
 }
 variable "force_destroy" {
 description = "Optional map of lowercase unprefixed name => boolean, defaults to false."
+ type = map
 default = {}
 }
 variable "versioning" {
 description = "Optional map of lowercase unprefixed name => boolean, defaults to false."
+ type = map
 default = {}
 }
 variable "encryption_key_names" {
 description = "Optional map of lowercase unprefixed name => string, empty strings are ignored."
+ type = map
 default = {}
 }
 variable "bucket_policy_only" {
 description = "Disable ad-hoc ACLs on specified buckets. Defaults to true. Map of lowercase unprefixed name => boolean"
+ type = map
 default = {}
 }
 variable "admins" {
 description = "IAM-style members who will be granted roles/storage.objectAdmin on all buckets."
+ type = list(string)
 default = []
 }
 variable "creators" {
 description = "IAM-style members who will be granted roles/storage.objectCreators on all buckets."
+ type = list(string)
 default = []
 }
 variable "viewers" {
 description = "IAM-style members who will be granted roles/storage.objectViewer on all buckets."
+ type = list(string)
 default = []
 }
 variable "bucket_admins" {
 description = "Map of lowercase unprefixed name => comma-delimited IAM-style bucket admins."
+ type = map
 default = {}
 }
 variable "bucket_creators" {
 description = "Map of lowercase unprefixed name => comma-delimited IAM-style bucket creators."
+ type = map
 default = {}
 }
 variable "bucket_viewers" {
 description = "Map of lowercase unprefixed name => comma-delimited IAM-style bucket viewers."
+ type = map
 default = {}
 }
 variable "labels" {
 description = "Labels to be attached to the buckets"
+ type = map
 default = {}
 }
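Review bot: The bare `type = map` added to `force_destroy`, `versioning`, `encryption_key_names`, `bucket_policy_only`, `bucket_admins`, `bucket_creators`, `bucket_viewers` and `labels` is the legacy shorthand for `map(any)`, so the element type each description promises is not enforced. For the three maps described as name => boolean, `type = map(bool)` would reject a malformed value at plan time; that matters most for `bucket_policy_only`, whose value decides whether ad-hoc ACLs stay disabled on a bucket. The remaining maps carry strings per their descriptions and can be `type = map(string)`. How the module reads these maps is outside this diff, so confirm no caller relies on passing a different element type before tightening. Separately, the `creators` description names `roles/storage.objectCreators`, while `set_creator_roles` in the next hunk names `roles/storage.objectCreator`; the plural looks like a typo.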
@@ -96,16 +111,19 @@ variable "labels" {
 variable "set_admin_roles" {
 description = "Grant roles/storage.objectAdmin role to admins and bucket_admins."
+ type = bool
 default = false
 }
 variable "set_creator_roles" {
 description = "Grant roles/storage.objectCreator role to creators and bucket_creators."
+ type = bool
 default = false
 }
 variable "set_viewer_roles" {
 description = "Grant roles/storage.objectViewer role to viewers and bucket_viewers."
+ type = bool
 default = false
 }
@@ -117,6 +135,6 @@ variable "lifecycle_rules" {
 })
 condition = map(string)
 }))
- default = []
 description = "List of lifecycle rules to configure. Format is the same as described in provider documentation https://www.terraform.io/docs/providers/google/r/storage_bucket.html#lifecycle_rule except condition.matches_storage_class should be a comma delimited string."
+ default = []
 }