Diffstat (limited to 'terraform-minio')
-rw-r--r-- | terraform-minio/README.md | 5 | ||||
-rw-r--r-- | terraform-minio/main.tf | 29 | ||||
-rw-r--r-- | terraform-minio/root.tf | 46 |
3 files changed, 80 insertions, 0 deletions
diff --git a/terraform-minio/README.md b/terraform-minio/README.md
new file mode 100644
index 0000000..0e54eba
--- /dev/null
+++ b/terraform-minio/README.md
@@ -0,0 +1,5 @@
+Special Terraform setup for creating user's in Minio for keeping other
+Terraform setups in Minio.
+
+ export TF_VAR_minio_access_key=
+ export TF_VAR_minio_secret_key=
diff --git a/terraform-minio/main.tf b/terraform-minio/main.tf
new file mode 100644
index 0000000..a08c04a
--- /dev/null
+++ b/terraform-minio/main.tf
@@ -0,0 +1,29 @@
+terraform {
+ required_version = ">= 0.13"
+
+ backend "local" {
+ path = "state"
+ }
+
+ required_providers {
+ minio = {
+ source = "tidalf/minio"
+ version = "1.1.1"
+ }
+ }
+}
+
+variable "minio_access_key" {
+ type = string
+}
+
+variable "minio_secret_key" {
+ type = string
+}
+
+provider "minio" {
+ minio_server = "minio.trygvis.io:443"
+ minio_ssl = "true"
+ minio_access_key = var.minio_access_key
+ minio_secret_key = var.minio_secret_key
+}
diff --git a/terraform-minio/root.tf b/terraform-minio/root.tf
new file mode 100644
index 0000000..9751f27
--- /dev/null
+++ b/terraform-minio/root.tf 
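Review bot: The `backend "local"` block in main.tf writes state to `state` inside this directory, and that file will hold the secret of the `minio_iam_user` created in root.tf in plaintext. The diffstat shows only three files, so unless an ignore rule exists elsewhere in the repository, add a `.gitignore` entry covering `state` and its `.backup` copy next to these files. The two credential variables could also be declared with `sensitive = true` so Terraform redacts them in plan output; that attribute needs `required_version = ">= 0.14"` rather than `">= 0.13"`.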
@@ -0,0 +1,46 @@
+resource "minio_s3_bucket" "terraform" {
+ bucket = "terraform"
+ acl = "public-read-write"
+}
+
+resource "minio_iam_policy" "terraform-access" {
+ name = "terraform-access"
+ policy= <<EOF
+{
+ "Version":"2012-10-17",
+ "Statement": [
+ {
+ "Effect": "Allow",
+ "Action": [
+ "s3:ListBucket"
+ ],
+ "Resource": "arn:aws:s3:::terraform-trygvis"
+ },
+ {
+ "Effect": "Allow",
+ "Action": [
+ "s3:ListBucket",
+ "s3:GetObject",
+ "s3:PutObject"
+ ],
+ "Resource": "arn:aws:s3:::terraform/*"
+ }
+ ]
+}
+EOF
+}
+
+# Users
+
+resource "minio_iam_user" "terraform-trygvis" {
+ name = "terraform-trygvis"
+}
+
+resource "minio_iam_user_policy_attachment" "terraform-trygvis" {
+ user_name = minio_iam_user.terraform-trygvis.id
+ policy_name = minio_iam_policy.terraform-access.id
+}
+
+output "terraform-trygvis_secret" {
+ value = minio_iam_user.terraform-trygvis.secret
+}
|
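Review bot: `acl = "public-read-write"` on the `terraform` bucket lets anonymous clients read and overwrite whatever is stored there, and the README says the bucket is meant to keep other Terraform setups, presumably their state, which routinely contains credentials. `acl = "private"` combined with the attached `terraform-access` policy looks like the intended access model. The first policy statement grants `s3:ListBucket` on `arn:aws:s3:::terraform-trygvis`, which matches the user's name rather than the bucket created here, so it probably should read `"Resource": "arn:aws:s3:::terraform"`; the `s3:ListBucket` in the second statement has no effect on an object ARN. The `terraform-trygvis_secret` output should also carry `sensitive = true` so the secret key is not printed after every apply.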