Managing SOS with Terraform

Tagged in
- storage

SOS is S3-compatible, the Terraform AWS provider can be used to manage your SOS resources.

Provider configuration

In the provider configuration, you need to skip some specific AWS validations:


locals {
  zone = "ch-gva-2"
}
provider "aws" {

  endpoints {
    s3 = "https://sos-${local.zone}.exo.io"
  }

  region     = local.zone

  #access_key = "my-access-key"
  #secret_key = "my-secret-key"

  # Skip AWS validations
  skip_credentials_validation = true
  skip_get_ec2_platforms      = true
  skip_requesting_account_id  = true
  skip_metadata_api_check     = true
  skip_region_validation      = true

}

You can also set your credentials with these Environment Variables:

$ export AWS_ACCESS_KEY_ID="anaccesskey"
$ export AWS_SECRET_ACCESS_KEY="asecretkey"

To manage the buckets in multiple zones, you will have to create multiple provider configurations with different alias.

Provider configuration

Manage your buckets

Create a bucket

resource "aws_s3_bucket" "my_bucket" {
  bucket   = "my-terraform-bucket"

  # Disable unsupported features
  lifecycle {
    ignore_changes = [
      object_lock_configuration,
      tags
    ]
  }
}

Manage ACL

resource "aws_s3_bucket_acl" "example_bucket_acl" {
  bucket = aws_s3_bucket.my_bucket.id
  acl    = "private"
}

Upload a file

resource "aws_s3_object" "object" {
  bucket = aws_s3_bucket.my_bucket.id
  key    = "new_object"
  source = "myfile"
  acl = "public-read"
  etag = filemd5("myfile")
}

You can find more S3 resources, but not all options are available, please have a look to our list of S3 Unsupported Features.