force_destroy bucket

SCT-Engineering · Apr 1, 2025 · cedb4d7 · cedb4d7
1 parent a63be2e
commit cedb4d7
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 10 deletions.
diff --git a/README.md b/README.md
@@ -1,15 +1,56 @@
 # tfmod-loki
 
-Installs the loki as the log aggregation sink, and promtail to forward the logs
-to loki.
-
-* Requires additional Node HD space - 40GB is not enough.
-
-# tfmod-loki
-
-
-
-
+This module installs Grafana Loki as a log aggregation and storage solution in an EKS cluster, with the following components:
+
+* Deploys Loki using the official Grafana Helm chart
+* Creates an S3 bucket for persistent log storage
+* Configures IAM roles for service accounts (IRSA) to securely access S3
+* Sets up internal gateway for log queries and ingestion
+
+## Architecture
+
+The module sets up:
+- A Loki deployment via Helm with configurable image versions
+- An S3 bucket with KMS encryption for log persistence
+- An IRSA role for Loki to access the S3 bucket securely
+- Internal gateway service (`loki-gateway.{namespace}.svc.cluster.local`) for accessing Loki within the cluster
+
+## Prerequisites
+
+* An existing EKS cluster with OIDC provider configured
+* Sufficient node storage - nodes should have more than 40GB disk space
+* AWS S3 access for log storage
+* Appropriate Kubernetes storage classes configured
+
+## Usage
+
+```hcl
+module "loki" {
+  source = "git@github.e.it.census.gov:path/to/tfmod-loki.git"
+
+  cluster_name      = "my-eks-cluster"
+  oidc_provider_arn = module.eks.oidc_provider_arn
+  region            = "us-east-1"
+  namespace         = "monitoring"
+
+  # Optional - override default image versions
+  loki_tag         = "3.1.1"
+  gateway_tag      = "1.25.2-alpine"
+
+  tags = {
+    Environment = "production"
+    Team        = "platform"
+  }
+}
+
+# Access Loki internal endpoint
+resource "kubernetes_manifest" "example_grafana_datasource" {
+  manifest = {
+    # Configure Grafana datasource to point to:
+    # ${module.loki.gateway_internal_endpoint}
+  }
+}
+```
 
 <!-- BEGIN_TF_DOCS -->
 ## Requirements

diff --git a/s3.tf b/s3.tf
@@ -28,6 +28,7 @@ module "loki_s3" {
 
   bucket_name       = local.bucket_name
   access_log_bucket = data.aws_s3_bucket.s3_server_access_logs.id
+  force_destroy     = true
 
   tags = var.tags
 }