diff --git a/modules/cloud-function/README.md b/modules/cloud-function/README.md
index 46a5b458..6eac68bf 100644
--- a/modules/cloud-function/README.md
+++ b/modules/cloud-function/README.md
@@ -169,7 +169,7 @@ module "cf-http" {
| [environment_variables](variables.tf#L46) | Cloud function environment variables. | map(string)
| | {}
|
| [function_config](variables.tf#L52) | Cloud function configuration. | object({…})
| | {…}
|
| [iam](variables.tf#L70) | IAM bindings for topic in {ROLE => [MEMBERS]} format. | map(list(string))
| | {}
|
-| [ingress_settings](variables.tf#L76) | Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL and ALLOW_INTERNAL_ONLY. | string
| | null
|
+| [ingress_settings](variables.tf#L76) | Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY . | string
| | null
|
| [labels](variables.tf#L82) | Resource labels. | map(string)
| | {}
|
| [prefix](variables.tf#L93) | Optional prefix used for resource names. | string
| | null
|
| [region](variables.tf#L104) | Region used for all resources. | string
| | "europe-west1"
|
diff --git a/modules/cloud-function/main.tf b/modules/cloud-function/main.tf
index 3a37a63f..949cb69b 100644
--- a/modules/cloud-function/main.tf
+++ b/modules/cloud-function/main.tf
@@ -103,9 +103,10 @@ resource "google_cloudfunctions_function_iam_binding" "default" {
}
resource "google_storage_bucket" "bucket" {
- count = var.bucket_config == null ? 0 : 1
- project = var.project_id
- name = "${local.prefix}${var.bucket_name}"
+ count = var.bucket_config == null ? 0 : 1
+ project = var.project_id
+ name = "${local.prefix}${var.bucket_name}"
+ uniform_bucket_level_access = true
location = (
var.bucket_config.location == null
? var.region
@@ -117,7 +118,17 @@ resource "google_storage_bucket" "bucket" {
for_each = var.bucket_config.lifecycle_delete_age == null ? [] : [""]
content {
action { type = "Delete" }
- condition { age = var.bucket_config.lifecycle_delete_age }
+ condition {
+ age = var.bucket_config.lifecycle_delete_age
+ with_state = "ARCHIVED"
+ }
+ }
+ }
+
+ dynamic "versioning" {
+ for_each = var.bucket_config.lifecycle_delete_age == null ? [] : [""]
+ content {
+ enabled = true
}
}
}
diff --git a/modules/cloud-function/variables.tf b/modules/cloud-function/variables.tf
index 2ac663b1..a613b2f6 100644
--- a/modules/cloud-function/variables.tf
+++ b/modules/cloud-function/variables.tf
@@ -74,7 +74,7 @@ variable "iam" {
}
variable "ingress_settings" {
- description = "Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL and ALLOW_INTERNAL_ONLY."
+ description = "Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY ."
type = string
default = null
}