From 07d134bbddbbe2a133cd7aed49edd634689773ca Mon Sep 17 00:00:00 2001
From: Nuru
Date: Tue, 2 Jul 2019 16:49:07 -0700
Subject: [PATCH] Allow use of existing S3 bucket in other region (#14)
---
 README.md | 6 ++++++
 docs/terraform.md | 1 +
 main.tf | 23 ++++++++++++++++++++++-
 outputs.tf | 10 +++++-----
 variables.tf | 6 ++++++
 5 files changed, 40 insertions(+), 6 deletions(-)
diff --git a/README.md b/README.md
index 8d936c6..b97494e 100644
--- a/README.md
+++ b/README.md
@@ -54,6 +54,11 @@ We literally have [*hundreds of terraform modules*][terraform_modules] that are
 ## Usage
+
+**IMPORTANT:** The `master` branch is used in `source` just as an example. In your code, do not pin to `master` because there may be breaking changes between releases.
+Instead pin to the release tag (e.g. `?ref=tags/x.y.z`) of one of our [latest releases](https://github.com/cloudposse/terraform-aws-kops-state-backend/releases).
+
+
 This example will create a DNS zone called `us-east-1.cloudxl.net` and delegate it from the parent zone `cloudxl.net` by setting `NS` and `SOA` records in the parent zone. It will also create an S3 bucket with the name `cp-prod-kops-state` for storing `kops` state. 
@@ -133,6 +138,7 @@ Available targets:
 | attributes | Additional attributes (e.g. `1`) | list | `` | no |
 | block_public_access_enabled | Block all public access from bucket level | string | `true` | no |
 | cluster_name | Kops cluster name (e.g. `us-east-1` or `cluster-1`) | string | `us-east-1` | no |
+| create_bucket | Set to `false` to use existing S3 bucket for kops state store instead of creating one. | string | `true` | no |
 | delimiter | Delimiter to be used between `namespace`, `stage`, `name`, and `attributes` | string | `-` | no |
 | domain_enabled | A boolean that determines whether a DNS Zone for the kops domain is created | string | `true` | no |
 | force_destroy | A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without errors. These objects are not recoverable | string | `false` | no |
diff --git a/docs/terraform.md b/docs/terraform.md
index b829be8..32ebada 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -6,6 +6,7 @@
 | attributes | Additional attributes (e.g. `1`) | list | `` | no |
 | block_public_access_enabled | Block all public access from bucket level | string | `true` | no |
 | cluster_name | Kops cluster name (e.g. `us-east-1` or `cluster-1`) | string | `us-east-1` | no |
+| create_bucket | Set to `false` to use existing S3 bucket for kops state store instead of creating one. | string | `true` | no |
 | delimiter | Delimiter to be used between `namespace`, `stage`, `name`, and `attributes` | string | `-` | no |
 | domain_enabled | A boolean that determines whether a DNS Zone for the kops domain is created | string | `true` | no |
 | force_destroy | A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without errors. These objects are not recoverable | string | `false` | no |
diff --git a/main.tf b/main.tf
index 34024be..0deb579 100644
--- a/main.tf
+++ b/main.tf 
@@ -1,3 +1,10 @@
+provider "aws" {
+ version = "~> 2.17"
+
+ alias = "s3"
+ region = "${var.region}"
+}
+
 data "template_file" "zone_name" {
 template = "${replace(var.zone_name, "$$$$", "$")}"
@@ -10,6 +17,8 @@ data "template_file" "zone_name" {
 }
 locals {
+ create_s3_bucket = "${!(var.create_bucket == "false")}"
+
 tags = "${
 merge(
 var.tags,
@@ -45,7 +54,17 @@ module "s3_label" {
 tags = "${local.tags}"
 }
+data "aws_s3_bucket" "default" {
+ provider = "aws.s3"
+
+ count = "${local.create_s3_bucket ? 0 : 1}"
+ bucket = "${module.s3_label.id}"
+}
+
 resource "aws_s3_bucket" "default" {
+ provider = "aws.s3"
+
+ count = "${local.create_s3_bucket ? 1 : 0}"
 bucket = "${module.s3_label.id}"
 acl = "${var.acl}"
 region = "${var.region}"
@@ -67,7 +86,9 @@ resource "aws_s3_bucket" "default" {
 }
 resource "aws_s3_bucket_public_access_block" "default" {
- count = "${var.block_public_access_enabled == "true" ? 1 : 0}"
+ provider = "aws.s3"
+
+ count = "${local.create_s3_bucket && var.block_public_access_enabled == "true" ? 1 : 0}"
 bucket = "${aws_s3_bucket.default.id}"
 block_public_acls = true
diff --git a/outputs.tf b/outputs.tf
index 8d672ae..eca3736 100644
--- a/outputs.tf
+++ b/outputs.tf 
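Review bot: The aliased `aws.s3` provider added at the top of main.tf sets only `region`, so it is configured from the caller's environment credentials and does not pick up `assume_role`, `profile` or similar settings that the root module may give its default `aws` provider; for a cross-region bucket that can mean the state bucket is looked up or created under a different identity than the rest of the module. This is inferred from the provider block alone, so it is worth confirming against how the module is normally invoked. A comment on the block would make the contract visible, e.g. `# Aliased provider so the bucket can live in var.region; it takes credentials from the environment, not from the caller's default provider.`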
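Review bot: `create_s3_bucket` in the `locals` block treats every value except the literal string `"false"` as true, which is the opposite convention from the `var.block_public_access_enabled == "true"` test used later in the same file; a caller passing `"0"` or `"no"` would get a bucket created here but public-access blocking disabled there. Using the same form, `create_s3_bucket = "${var.create_bucket == "true"}"`, keeps the two flags consistent; otherwise the variable description should state that only the exact string `false` opts out.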
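Review bot: The new `data "aws_s3_bucket"` block only resolves the existing bucket by name; none of the module's bucket hardening (the `acl` and other settings on `aws_s3_bucket.default`, and the `aws_s3_bucket_public_access_block`, whose `count` is also forced to 0 in the next hunk) is applied or verified for it, so the kops state store can end up in a bucket that is public, unversioned or unencrypted with no signal from this module. The data source does not expose versioning or encryption attributes, so the module cannot check them here; that makes it a documentation obligation rather than a code fix. Suggest a comment on the data block: `# Existing bucket is used as-is: versioning, encryption and public-access settings are the caller's responsibility and are neither managed nor checked here.` The `aws_s3_bucket` resource continues past the end of the hunk.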
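Review bot: With `count` on `aws_s3_bucket.default` now able to evaluate to 0, the unchanged `bucket = "${aws_s3_bucket.default.id}"` line in `aws_s3_bucket_public_access_block` is a non-splat reference to a conditional resource; under the Terraform 0.11 syntax this file uses, that form is reported to fail with `Resource 'aws_s3_bucket.default' not found for variable` when `create_bucket` is `false`, even though this resource's own `count` is 0 as well. I have not verified the exact version behaviour, but outputs.tf in this same commit already switches to the splat form for this reason. The safe line is `bucket = "${join("", aws_s3_bucket.default.*.id)}"`. The resource body continues below the hunk.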
@@ -19,26 +19,26 @@ output "zone_name" {
 }
 output "bucket_name" {
- value = "${aws_s3_bucket.default.bucket}"
+ value = "${coalesce(join("",aws_s3_bucket.default.*.bucket),join("",data.aws_s3_bucket.default.*.bucket))}"
 description = "S3 bucket name"
 }
 output "bucket_region" {
- value = "${aws_s3_bucket.default.region}"
+ value = "${coalesce(join("",aws_s3_bucket.default.*.region),join("",data.aws_s3_bucket.default.*.region))}"
 description = "S3 bucket region"
 }
 output "bucket_domain_name" {
- value = "${aws_s3_bucket.default.bucket_domain_name}"
+ value = "${coalesce(join("",aws_s3_bucket.default.*.bucket_domain_name),join("",data.aws_s3_bucket.default.*.bucket_domain_name))}"
 description = "S3 bucket domain name"
 }
 output "bucket_id" {
- value = "${aws_s3_bucket.default.id}"
+ value = "${coalesce(join("",aws_s3_bucket.default.*.id),join("",data.aws_s3_bucket.default.*.id))}"
 description = "S3 bucket ID"
 }
 output "bucket_arn" {
- value = "${aws_s3_bucket.default.arn}"
+ value = "${coalesce(join("",aws_s3_bucket.default.*.arn),join("",data.aws_s3_bucket.default.*.arn))}"
 description = "S3 bucket ARN"
 }
diff --git a/variables.tf b/variables.tf
index 28c8a98..30b60f4 100644
--- a/variables.tf
+++ b/variables.tf
@@ -85,3 +85,9 @@ variable "domain_enabled" {
 default = "true"
 description = "A boolean that determines whether a DNS Zone for the kops domain is created"
 }
+
+variable "create_bucket" {
+ type = "string"
+ default = "true"
+ description = "Set to `false` to use existing S3 bucket for kops state store instead of creating one."
+}
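Review bot: The description of `create_bucket` does not tell the caller what the existing bucket must look like: main.tf looks it up by the name `module.s3_label.id` resolves to (so the caller's namespace/stage/name/attributes/delimiter must reproduce the bucket's exact name) and through the `aws.s3` provider alias (so it must live in `var.region`), and the module then applies none of its bucket security settings to it. Anyone reading only variables.tf or the generated inputs table misses all three constraints. The description should state that the existing bucket must already carry that label name and live in `var.region`, and that its versioning, encryption and public-access settings are not managed by this module.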