Hey there, I am writing my bootstrap file for creating the initial bucket for the Terraform states.
I am interested to know what good practices and configurations would look like for my bucket.
Here is my script so far, please read the comments between code:
BUCKET_NAME=gs://acmec-testing-1 PROJECT=acmec gsutil mb \ # Is Bucket Policy Only this a good idea? -b on \ -c standard \ -l us-east1 \ -p $PROJECT \ $BUCKET_NAME # What are good practices around labeling this? gsutil label set ./labels.json $BUCKET_NAME # What are your lifecycle configuration if any? gsutil lifecycle set ./lifecycle.json $BUCKET_NAME # What permissions should I give to the account used for terraform apply in CI? gsutil defacl ch -u email@example.com:READ $BUCKET_NAME # Do I need this? gsutil versioning set on $BUCKET_NAME
I am new into these DevOps stuff so I am worried to make mistakes that would cost me to leak sensitive information.
Thanks in advance.