Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix Fix efs_authorization_config variable type, provide defaults #51

Merged
merged 1 commit into from
Oct 16, 2024
+65 −2
Merged

Fix Fix efs_authorization_config variable type, provide defaults #51

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 47 additions & 0 deletions examples/complete-worker/efs.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
# Standard EFS Example from https://github.com/terraform-aws-modules/terraform-aws-efs/blob/v1.6.4/examples/complete/main.tf
module "efs_data" {
source = "registry.terraform.io/terraform-aws-modules/efs/aws"
version = "~> 1.6.0"

# File system
name = "${var.env}-${var.namespace}-data"
creation_token = "${var.env}-${var.namespace}-data"
encrypted = false # disabled for simplicity. Prod must be enabled.

lifecycle_policy = {
transition_to_ia = "AFTER_30_DAYS"
transition_to_primary_storage_class = "AFTER_1_ACCESS"
}

# File system policy
attach_policy = false
bypass_policy_lockout_safety_check = false

# Mount targets / security group
mount_targets = { for k, v in zipmap(["${var.aws_region}"], module.vpc.private_subnets) : k => { subnet_id = v } }
security_group_description = "Example EFS security group"
security_group_vpc_id = module.vpc.vpc_id
security_group_rules = {
vpc = {
# relying on the defaults provdied for EFS/NFS (2049/TCP + ingress)
description = "NFS ingress from VPC private subnets"
cidr_blocks = module.vpc.private_subnets_cidr_blocks
}
}

# Access point(s)
access_points = {
posix_example = {
name = "posix-example"
posix_user = {
gid = 1001
uid = 1001
secondary_gids = [1002]
}

tags = {
Additionl = "yes"
}
}
}
}
10 changes: 10 additions & 0 deletions examples/complete-worker/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,16 @@ module "worker_complete" {
docker_container_command = ["echo", "command-output"]
deployment_minimum_healthy_percent = 0

# EFS settings (external)
efs_enabled = true
efs_file_system_id = module.efs_data.id
efs_mount_point = "/mnt/efs"
efs_root_directory = "/"
efs_authorization_config = {
access_point_id = module.efs_data.access_points.posix_example.id
iam = "ENABLED"
}

# Network
vpc_id = module.vpc.vpc_id
private_subnets = module.vpc.private_subnets
Expand Down
10 changes: 8 additions & 2 deletions variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -610,9 +610,15 @@ variable "efs_root_directory" {
}

variable "efs_authorization_config" {
type = object({})
type = object({
access_point_id = string
iam = string
})
description = "EFS authorization config"
default = {}
default = {
access_point_id = null
iam = "ENABLED"
}
}

variable "efs_access_points" {
Expand Down
Loading