terraform-example-foundation icon indicating copy to clipboard operation
terraform-example-foundation copied to clipboard

Published 20 hours ago verified publisher icon terraform-google-modules

In 4-projects CMEK GCS bucket name length exceeds the statutory 63 characters

Open mromascanu123 opened this issue 1 year ago • 0 comments

TL;DR

When using non-US regions, deployment of 4-Projects fails due to invalid (too long) bucket name

Expected behavior

The bucket name should always be max 63 characters regardless of the length of a region's name.

Observed behavior

... ./tf-wrapper.sh apply production

Error: error: bucket name validation failed bkt-prj-p-bu1sample-base-vc6x-northamerica-northeast2-cmek-encrypted-3bcbb

with module.env.module.gcs_buckets.google_storage_bucket.bucket, on ../../../terraform-google-modules/cloud-storage/google/modules/simple_bucket/main.tf line 17, in resource "google_storage_bucket" "bucket": 17: resource "google_storage_bucket" "bucket" {

Terraform Configuration

common.auto.tfvars
remote_state_bucket = "REMOTE_STATE_BUCKET"

{development,non-production,production}.auto.tfvars
location_kms = "northamerica-northeast2"
location_gcs = "northamerica-northeast2"

shared.auto.tfvars
default_region = "northamerica-northeast2"

Terraform Version

Terraform v1.6.0
on linux_amd64
+ provider registry.terraform.io/hashicorp/google v5.20.0
+ provider registry.terraform.io/hashicorp/google-beta v5.20.0
+ provider registry.terraform.io/hashicorp/null v3.2.2
+ provider registry.terraform.io/hashicorp/random v3.6.0
+ provider registry.terraform.io/hashicorp/time v0.11.1

Your version of Terraform is out of date! The latest version
is 1.7.5. You can update by downloading from https://www.terraform.io/downloads.html

Additional information

Easy fix in 4-projects/modules/base_env/example_storage_cmek.tf locals { cmek_bucket_suffix = "${module.base_shared_vpc_project.project_id}-${lower(var.location_gcs)}-${random_string.bucket_name.result}" cmek_bucket_prefix = "${var.gcs_bucket_prefix}-cmek-encrypted" } ... module "gcs_buckets" { ...

//name = "${var.gcs_bucket_prefix}-${module.base_shared_vpc_project.project_id}-${lower(var.location_gcs)}-cmek-encrypted-${random_string.bucket_name.result}" name = "${local.cmek_bucket_prefix}-${md5(local.cmek_bucket_suffix)}"

mromascanu123 avatar Mar 18 '24 20:03 mromascanu123