Limit bucket name to 63 chars (#33)

* Limit bucket name to 63 chars

As per S3 specs, buckets cannot be more than 63 characters long

* bucket name added to be able to override it

Co-authored-by: Andriy Knysh <[email protected]>
Co-authored-by: Maxim Mironenko <[email protected]>

Author: 3 people

README.md

@@ -182,6 +182,7 @@ Available targets:
 | region | AWS Region the S3 bucket should reside in | string | - | yes |
 | restrict_public_buckets | Whether Amazon S3 should restrict public bucket policies for this bucket | bool | `true` | no |
 | role_arn | The role to be assumed | string | `` | no |
+| s3_bucket_name | S3 bucket name. If not provided, the name will be generated by the label module in the format namespace-stage-name | string | `` | no |
 | stage | Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release' | string | `` | no |
 | tags | Additional tags (e.g. `map('BusinessUnit','XYZ')` | map(string) | `<map>` | no |
 | terraform_backend_config_file_name | Name of terraform backend config file | string | `terraform.tf` | no |

docs/terraform.md

@@ -26,6 +26,7 @@
 | region | AWS Region the S3 bucket should reside in | string | - | yes |
 | restrict_public_buckets | Whether Amazon S3 should restrict public bucket policies for this bucket | bool | `true` | no |
 | role_arn | The role to be assumed | string | `` | no |
+| s3_bucket_name | S3 bucket name. If not provided, the name will be generated by the label module in the format namespace-stage-name | string | `` | no |
 | stage | Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release' | string | `` | no |
 | tags | Additional tags (e.g. `map('BusinessUnit','XYZ')` | map(string) | `<map>` | no |
 | terraform_backend_config_file_name | Name of terraform backend config file | string | `terraform.tf` | no |

examples/complete/fixtures.us-west-1.tfvars

@@ -5,3 +5,5 @@ namespace = "eg"
 stage = "test"
 
 name = "terraform-tfstate-backend"
+
+s3_bucket_name = "tfstate-backend-test-bucket"

main.tf

@@ -11,6 +11,8 @@ locals {
     var.terraform_backend_config_file_path,
     var.terraform_backend_config_file_name
   )
+
+  bucket_name = var.s3_bucket_name != "" ? var.s3_bucket_name : module.s3_bucket_label.id
 }
 
 module "base_label" {
@@ -51,7 +53,7 @@ data "aws_iam_policy_document" "prevent_unencrypted_uploads" {
     ]
 
     resources = [
-      "arn:aws:s3:::${module.s3_bucket_label.id}/*",
+      "arn:aws:s3:::${local.bucket_name}/*",
     ]
 
     condition {
@@ -79,7 +81,7 @@ data "aws_iam_policy_document" "prevent_unencrypted_uploads" {
     ]
 
     resources = [
-      "arn:aws:s3:::${module.s3_bucket_label.id}/*",
+      "arn:aws:s3:::${local.bucket_name}/*",
     ]
 
     condition {
@@ -94,7 +96,7 @@ data "aws_iam_policy_document" "prevent_unencrypted_uploads" {
 }
 
 resource "aws_s3_bucket" "default" {
-  bucket        = module.s3_bucket_label.id
+  bucket        = substr(local.bucket_name, 0, 63)
   acl           = var.acl
   region        = var.region
   force_destroy = var.force_destroy

variables.tf

@@ -202,3 +202,9 @@ variable "terraform_state_file" {
   default     = "terraform.tfstate"
   description = "The path to the state file inside the bucket"
 }
+
+variable "s3_bucket_name" {
+  type        = string
+  default     = ""
+  description = "S3 bucket name. If not provided, the name will be generated by the label module in the format namespace-stage-name"
+}