Feature: Use existing s3 backup buckets in firehose module

[stefancarlpeiser]

Hello!

In the firehose module there is a variable s3_backup_custom_name, would it be possible to update the function so that if the bucket already exists then to use that instead of trying to create a new bucket?

Or perhaps a new variable s3_backup_existing_bucket and an accompanying IAM role s3_backup_role_arn to use to access the bucket?

In my case I want to use a centralized bucket for backups that is pre-existing but the module doesn't account for this scenario.

[MichaelBriggs-Coralogix]

Thanks for the feedback, I've opened an enhancement request to review this option. If this is a critical requirement for your business, please follow up with your Support or Sales representatives so we can properly prioritize this ask.

[stefancarlpeiser]

No worries, more of a suggestion so take your time.

[Gershon-A]

+1

[ryantanjunming]

Hi @stefancarlpeiser, took awhile but in Terraform 1.5 the import block seems useful as TF is declarative so a data block cant even be referenced if it is conditional. The following works but does have the danger of replacing your existing bucket.

variable "new_bucket_name" {
  type    = string
  default = "new-bucket-test"
}

variable "exisiting_bucket_name" {
  type    = string
  default = "existing-bucket-test"
}

import {
  for_each = var.exisiting_bucket_name != null ? [var.exisiting_bucket_name] : []
  to       = aws_s3_bucket.data_bucket
  id       = each.value
}

resource "aws_s3_bucket" "data_bucket" {
  bucket = var.exisiting_bucket_name != null ? var.exisiting_bucket_name : var.new_bucket_name
}

## Test referecing the bucket ID
resource "aws_s3_bucket_public_access_block" "firehose_bucket_bucket_access" {
  bucket = aws_s3_bucket.data_bucket.id

  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

[ryantanjunming]

fixed with #175