This Terraform module creates a bucket monitoring solution to periodically query specified bucket paths and return the total object count. If an object count for a given subfolder is greater than the threshold specified in the module a log will be created that is picked up by an alert policy.
- Creates a build trigger for each bucket that executes a script
- Creates a scheduler task for each bucket to trigger the build trigger
- Creates a single alert policy to watch for logs generated by the build trigger
module "cloud_storage_monitor" {
source = "./modules/cloud-storage-monitoring"
name = "storage-monitor-v1"
bucket_paths = [
"my-bucket-a/some/folder",
"my-bucket-b/some/folder",
]
cron_schedule = "*/30 * * * *"
cron_time_zone = "Australia/Melbourne"
region = "us-east1"
threshold = "1000"
timeout = "7200s"
service_account = "<EMAIL>"
notification_channels = [
# Add notification channel ids here
]
}| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| name | Service name | string | - | yes |
| bucket_paths | List of CIDR blocks for public subnets | list | - | yes |
| cron_schedule | Cron schedule (e.g. */10 * * * *, every 10m ) | string | - | yes |
| cron_timezone | Cron time zone (e.g. Australia/Melbourne) | string | - | yes |
| region | GCP Region (e.g. us-east1) global not supported | string | - | yes |
| threshold | Threshold limit before log is created | string | - | yes |
| timeout | Time limit before script closes | string | - | yes |
| service_account | Service acount email | string | - | yes |
| notification_channels | Notification channel IDs | list | - | yes |
This module is licensed under the MIT License.