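# Secret holding the AWS credentials that the Terraform runner pods load
# through `envFrom` (see the Terraform objects in this file).
#
# The key values below are redacted placeholders. Do not commit real
# long-lived access keys: `stringData` is stored only base64-encoded in the
# Secret object, so anyone who can read this manifest or read Secrets in
# `flux-system` can recover them. Encrypt the manifest before it reaches Git
# or source the values from an external secret store, and scope the IAM
# identity to the S3 actions these modules need.
apiVersion: v1
kind: Secret
metadata:
  name: aws-credentials
  namespace: flux-system
type: Opaque
stringData:
  AWS_ACCESS_KEY_ID: Axxxxxxxxxxxxxxxxxxx
  AWS_SECRET_ACCESS_KEY: qxxxxxxxxxxxxxxxxxxxxxxxxx
  AWS_REGION: us-east-1  # the region you want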
---
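# Terraform object that creates the S3 bucket from the `aws_s3_bucket`
# path of the `aws-package` OCIRepository source.
apiVersion: infra.contrib.fluxcd.io/v1alpha1
kind: Terraform
metadata:
  name: aws-s3-bucket
  namespace: flux-system
  labels:
    tf.weave.works/composite: s3-bucket
spec:
  path: aws_s3_bucket
  values:
    bucket: my-tf-controller-test-bucket
    tags:
      Environment: Dev
      Name: My bucket
  sourceRef:
    kind: OCIRepository
    name: aws-package
  # `auto` applies every plan without a human approval step. Combined with
  # `destroyResourcesOnDeletion` below, a change to the source or the
  # deletion of this object alters or removes the bucket with no review;
  # consider manual plan approval outside throwaway environments.
  approvePlan: auto
  retryInterval: 10s
  interval: 2m
  # Deleting this Terraform object also destroys the bucket it manages.
  destroyResourcesOnDeletion: true
  # The listed outputs are written to a Secret in this namespace so that
  # dependent Terraform objects can read them as inputs.
  writeOutputsToSecret:
    name: aws-s3-bucket-outputs
    outputs:
      - arn
      - bucket
  runnerPodTemplate:
    spec:
      # `envFrom` exposes every key of `aws-credentials` as an environment
      # variable in the runner pod, so keep that Secret limited to what
      # the runner needs.
      envFrom:
        - secretRef:
            name: aws-credentials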
---
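# Terraform object that sets a `private` ACL on the bucket created by the
# `aws-s3-bucket` object, using the `aws_s3_bucket_acl` path of the same
# OCIRepository source.
apiVersion: infra.contrib.fluxcd.io/v1alpha1
kind: Terraform
metadata:
  name: example-bucket-acl
  namespace: flux-system
  labels:
    tf.weave.works/composite: s3-bucket
spec:
  path: aws_s3_bucket_acl
  values:
    acl: private
    # Filled in from the `aws-s3-bucket-outputs` Secret, which is exposed
    # under the alias `aws_s3_bucket` by `readInputsFromSecrets` below.
    bucket: ${{ .aws_s3_bucket.bucket }}
  sourceRef:
    kind: OCIRepository
    name: aws-package
  # `auto` applies every plan without a human approval step; consider
  # manual plan approval outside throwaway environments.
  approvePlan: auto
  retryInterval: 10s
  interval: 3m
  # The bucket object must exist first: its outputs Secret is the input
  # read here.
  dependsOn:
    - name: aws-s3-bucket
  readInputsFromSecrets:
    - name: aws-s3-bucket-outputs
      as: aws_s3_bucket
  # Deleting this Terraform object also destroys the ACL resource it
  # manages.
  destroyResourcesOnDeletion: true
  runnerPodTemplate:
    spec:
      # `envFrom` exposes every key of `aws-credentials` as an environment
      # variable in the runner pod.
      envFrom:
        - secretRef:
            name: aws-credentials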