Reputation: 945
I am trying to write a flexible/dynamic resource for aws_s3_bucket_notification which may have variable topics for the specified S3 bucket. For one bucket, I may have just 2 prefixes and 2 topics, and for others 4 or 5, and so on... I was thinking of using a map function which will store the "prefix" and "SNS ARN" for each prefix type, as the events will be the same. I need to create an s3_bucket_notification which will have all the topics in it without having to manually write each of the topics. Any suggestions?
Example:

```hcl
resource "aws_s3_bucket_notification" "bucket_notification" {
  bucket = "${aws_s3_bucket.bucket.id}"
  topic {
    topic_arn     = "$map.value" ###prototype
    events        = ["s3:ObjectCreated:*"]
    filter_suffix = "$map.key" ###prototype
  }
}
```
Upvotes: 1
Views: 3299
Reputation: 45243
If my understanding is correct, the code should look like this:

```hcl
variable "sns_top" {
  type = "map"
  default = {
    dev  = "topic1"
    uat  = "topic2"
    prod = "topic3"
  }
}

variable "bucket_name" {
  default = "my-tf-test-bucket-dfsfddsf"
}

data "aws_caller_identity" "current" {}

resource "aws_sns_topic" "sns_topic" {
  count = "${length(keys(var.sns_top))}"
  name  = "sns-topic-${element(values(var.sns_top),count.index)}"
}

resource "aws_sns_topic_policy" "custom" {
  count = "${length(keys(var.sns_top))}"
  arn   = "${element(aws_sns_topic.sns_topic.*.arn, count.index)}"

  policy = <<POLICY
{
  "Version": "2012-10-17",
  "Id": "default",
  "Statement":[{
    "Sid": "default",
    "Effect": "Allow",
    "Principal": {"AWS":"*"},
    "Action": [
      "SNS:GetTopicAttributes",
      "SNS:SetTopicAttributes",
      "SNS:AddPermission",
      "SNS:RemovePermission",
      "SNS:DeleteTopic"
    ],
    "Resource": "${element(aws_sns_topic.sns_topic.*.arn, count.index)}"
  }]
}
POLICY

  depends_on = ["aws_sns_topic.sns_topic"]
}

resource "aws_s3_bucket" "bucket" {
  bucket = "${var.bucket_name}"
}

data "aws_iam_policy_document" "default" {
  statement {
    effect = "Allow"
    actions = [
      "s3:PutObject",
    ]
    resources = [
      "${aws_s3_bucket.bucket.arn}/*",
    ]
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
    }
  }
}

resource "aws_s3_bucket_policy" "default" {
  bucket = "${aws_s3_bucket.bucket.id}"
  policy = "${data.aws_iam_policy_document.default.json}"
}

resource "aws_s3_bucket_notification" "bucket_notification" {
  count  = "${length(keys(var.sns_top))}"
  bucket = "${aws_s3_bucket.bucket.id}"
  topic {
    topic_arn     = "${element(aws_sns_topic.sns_topic.*.arn, count.index)}"
    events        = ["s3:ObjectCreated:*"]
    filter_suffix = "${element(keys(var.sns_top),count.index)}"
  }
}
```
The code hits an error explained in the link below, but you should be fine to use it for further coding, such as how to use count.index with maps.

```
* aws_s3_bucket_notification.bucket_notification.0: Error putting S3 notification configuration: InvalidArgument: Unable to validate the following destination configurations
```
Refer:
Upvotes: 2
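The following is an added example, not code from the question or the answer above, showing how the map-driven notification asked about in the question can be written in Terraform 0.12+ syntax. It also addresses the two things in the answer's code that cause the "Unable to validate the following destination configurations" error and that a reviewer would flag: S3 has exactly one notification configuration per bucket, so `count` on `aws_s3_bucket_notification` produces N resources that overwrite each other instead of one resource with N `topic` blocks, and the SNS topic policy never grants `SNS:Publish` to S3 (S3 validates that permission when the configuration is saved). The policy here grants only `SNS:Publish`, only to the `s3.amazonaws.com` service principal, and only for this bucket and account via `aws:SourceArn` and `aws:SourceAccount`, rather than opening the topic to `Principal "*"` as the answer's policy does. The variable names, the `prefix_topics` map and the bucket name placeholder are assumptions for the example; the map key is used as `filter_prefix`, but `filter_suffix` works the same way.

```hcl
# Added example (Terraform 0.12+), not the question's or the answer's code.
# Assumed inputs: a bucket name placeholder and a map of prefix => topic name.
variable "bucket_name" {
  type    = string
  default = "my-tf-test-bucket-EXAMPLE" # constructed placeholder
}

# prefix => logical topic name; add or remove entries per bucket.
variable "prefix_topics" {
  type = map(string)
  default = {
    "dev/"  = "topic1"
    "uat/"  = "topic2"
    "prod/" = "topic3"
  }
}

data "aws_caller_identity" "current" {}

resource "aws_s3_bucket" "bucket" {
  bucket = var.bucket_name
}

# One SNS topic per map entry, keyed by prefix so adding or removing an entry
# does not renumber (and recreate) the others the way count.index would.
resource "aws_sns_topic" "topic" {
  for_each = var.prefix_topics
  name     = "sns-topic-${each.value}"
}

# The grant S3 needs before it will accept the notification configuration:
# SNS:Publish for the S3 service principal, scoped to this bucket and account.
data "aws_iam_policy_document" "allow_s3_publish" {
  for_each = var.prefix_topics

  statement {
    sid       = "AllowS3Publish"
    effect    = "Allow"
    actions   = ["SNS:Publish"]
    resources = [aws_sns_topic.topic[each.key].arn]

    principals {
      type        = "Service"
      identifiers = ["s3.amazonaws.com"]
    }

    # Without these conditions any bucket in any account could publish here.
    condition {
      test     = "ArnLike"
      variable = "aws:SourceArn"
      values   = [aws_s3_bucket.bucket.arn]
    }

    condition {
      test     = "StringEquals"
      variable = "aws:SourceAccount"
      values   = [data.aws_caller_identity.current.account_id]
    }
  }
}

resource "aws_sns_topic_policy" "allow_s3_publish" {
  for_each = var.prefix_topics
  arn      = aws_sns_topic.topic[each.key].arn
  policy   = data.aws_iam_policy_document.allow_s3_publish[each.key].json
}

# A bucket has a single notification configuration, so this is ONE resource
# with one topic block per map entry, generated by a dynamic block.
resource "aws_s3_bucket_notification" "bucket_notification" {
  bucket = aws_s3_bucket.bucket.id

  dynamic "topic" {
    for_each = var.prefix_topics
    content {
      topic_arn     = aws_sns_topic.topic[topic.key].arn
      events        = ["s3:ObjectCreated:*"]
      filter_prefix = topic.key
    }
  }

  # Ensure the publish grant exists before S3 validates the destinations.
  depends_on = [aws_sns_topic_policy.allow_s3_publish]
}
```

Run `terraform validate` and `terraform plan` after editing `prefix_topics`: the plan should show a single `aws_s3_bucket_notification` resource whose `topic` list grows or shrinks with the map, and the SNS topic policy should list only `SNS:Publish` for `s3.amazonaws.com`, not a wildcard principal with `SNS:DeleteTopic` or `SNS:SetTopicAttributes`.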