Merge pull request #103 from trussworks/ee-add-aws3-support
Ee add aws provider v3 support to tf12 branch
eeeady authored Sep 24, 2020
2 parents e2b4b68 + 3a5b2a1 commit e1597e4
Showing 16 changed files with 13 additions and 25 deletions.
5 changes: 2 additions & 3 deletions README.md
@@ -97,13 +97,13 @@ module "aws_logs" {
| Name | Version |
|------|---------|
| terraform | ~> 0.12.0 |
| aws | ~> 2.70 |
| aws | >= 2.68, < 4.0 |

## Providers

| Name | Version |
|------|---------|
| aws | ~> 2.70 |
| aws | >= 2.68, < 4.0 |

## Inputs

@@ -131,7 +131,6 @@ module "aws_logs" {
| nlb\_account | Account for NLB logs. By default limits to the current account. | `string` | `""` | no |
| nlb\_logs\_prefixes | S3 key prefixes for NLB logs. | `list(string)` | <pre>[<br> "nlb"<br>]</pre> | no |
| redshift\_logs\_prefix | S3 prefix for RedShift logs. | `string` | `"redshift"` | no |
| region | Region where the AWS S3 bucket will be created. | `string` | n/a | yes |
| s3\_bucket\_acl | Set bucket ACL per [AWS S3 Canned ACL](<https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl>) list. | `string` | `"log-delivery-write"` | no |
| s3\_bucket\_name | S3 bucket to store AWS logs in. | `string` | n/a | yes |
| s3\_log\_bucket\_retention | Number of days to keep AWS logs around. | `string` | `90` | no |
1 change: 0 additions & 1 deletion examples/alb/main.tf
@@ -3,7 +3,6 @@ module "aws_logs" {

s3_bucket_name = var.test_name
alb_logs_prefixes = var.alb_logs_prefixes
region = var.region
allow_alb = true
default_allow = false

1 change: 0 additions & 1 deletion examples/alb_remote/main.tf
@@ -6,7 +6,6 @@ module "aws_logs" {

s3_bucket_name = var.test_name
alb_logs_prefixes = var.alb_logs_prefixes
region = var.region
allow_alb = true
default_allow = false

3 changes: 1 addition & 2 deletions examples/cloudtrail/main.tf
@@ -2,7 +2,6 @@ module "aws_logs" {
source = "../../"

s3_bucket_name = var.test_name
region = var.region
force_destroy = var.force_destroy
cloudtrail_logs_prefix = var.cloudtrail_logs_prefix

@@ -12,7 +11,7 @@ module "aws_logs" {

module "aws_cloudtrail" {
source = "trussworks/cloudtrail/aws"
version = "~> 2"
version = "~> 3.0"

s3_bucket_name = module.aws_logs.aws_logs_bucket
cloudwatch_log_group_name = var.test_name
5 changes: 2 additions & 3 deletions examples/combined/main.tf
@@ -2,7 +2,6 @@ module "aws_logs" {
source = "../../"

s3_bucket_name = var.test_name
region = var.region
default_allow = true

force_destroy = var.force_destroy
@@ -23,7 +22,7 @@ resource "aws_lb" "test_alb" {

module "aws_cloudtrail" {
source = "trussworks/cloudtrail/aws"
version = "~> 2"
version = "~> 3.0"

s3_bucket_name = module.aws_logs.aws_logs_bucket
s3_key_prefix = "cloudtrail"
@@ -32,7 +31,7 @@ module "aws_cloudtrail" {

module "config" {
source = "trussworks/config/aws"
version = "~> 2"
version = "~> 3"

config_name = var.test_name
config_logs_bucket = module.aws_logs.aws_logs_bucket
1 change: 1 addition & 0 deletions examples/combined/providers.tf
@@ -1,3 +1,4 @@
provider "aws" {
version = "~> 2.70"
region = var.region
}
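Review bot: The provider block in examples/combined/providers.tf pins `version = "~> 2.70"`, so this example cannot run against AWS provider 3.x even though versions.tf in the same commit widens the module constraint to `>= 2.68, < 4.0`. The example's `trussworks/cloudtrail/aws` and `trussworks/config/aws` modules are also moved to their 3.x lines here; if those releases require provider 3.x (not visible on this page), `terraform init` would fail to find a provider version that satisfies both. I would either align the pin with the module, `version = ">= 2.68, < 4.0"`, or drop the line and rely on the module's `required_providers`.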
1 change: 0 additions & 1 deletion examples/config/main.tf
@@ -2,7 +2,6 @@ module "aws_logs" {
source = "../../"

s3_bucket_name = var.test_name
region = var.region
allow_config = true
default_allow = false
config_logs_prefix = var.config_logs_prefix
1 change: 0 additions & 1 deletion examples/elb/main.tf
@@ -3,7 +3,6 @@ module "aws_logs" {

s3_bucket_name = var.test_name
elb_logs_prefix = var.elb_logs_prefix
region = var.region
allow_elb = true
default_allow = false

1 change: 0 additions & 1 deletion examples/nlb/main.tf
@@ -3,7 +3,6 @@ module "aws_logs" {

s3_bucket_name = var.test_name
nlb_logs_prefixes = var.nlb_logs_prefixes
region = var.region
allow_nlb = true
default_allow = false

1 change: 0 additions & 1 deletion examples/nlb_remote/main.tf
@@ -6,7 +6,6 @@ module "aws_logs" {

s3_bucket_name = var.test_name
nlb_logs_prefixes = var.nlb_logs_prefixes
region = var.region
allow_nlb = true
default_allow = false

1 change: 0 additions & 1 deletion examples/redshift/main.tf
@@ -3,7 +3,6 @@ module "aws_logs" {

s3_bucket_name = var.test_name
redshift_logs_prefix = var.redshift_logs_prefix
region = var.region
allow_redshift = true
default_allow = false

1 change: 0 additions & 1 deletion examples/s3/main.tf
@@ -2,7 +2,6 @@ module "aws_logs" {
source = "../../"

s3_bucket_name = var.test_name
region = var.region

default_allow = false

1 change: 0 additions & 1 deletion examples/simple/main.tf
@@ -2,7 +2,6 @@ module "aws_logs" {
source = "../../"

s3_bucket_name = var.test_name
region = var.region

force_destroy = var.force_destroy
tags = var.tags
8 changes: 6 additions & 2 deletions main.tf
@@ -16,6 +16,11 @@ data "aws_caller_identity" "current" {
data "aws_partition" "current" {
}

# The region is pulled from the current AWS session you are in
data "aws_region" "current" {

}

locals {
# S3 bucket ARN
bucket_arn = "arn:${data.aws_partition.current.partition}:s3:::${var.s3_bucket_name}"
@@ -48,7 +53,7 @@ locals {
cloudwatch_effect = var.default_allow || var.allow_cloudwatch ? "Allow" : "Deny"

# region specific logs service principal
cloudwatch_service = "logs.${var.region}.amazonaws.com"
cloudwatch_service = "logs.${data.aws_region.current.name}.amazonaws.com"

cloudwatch_resource = "${local.bucket_arn}/${var.cloudwatch_logs_prefix}/*"

@@ -348,7 +353,6 @@ data "aws_iam_policy_document" "main" {
resource "aws_s3_bucket" "aws_logs" {
bucket = var.s3_bucket_name
acl = var.s3_bucket_acl
region = var.region
policy = data.aws_iam_policy_document.main.json
force_destroy = var.force_destroy

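Review bot: The `cloudwatch_service` local now takes its region from `data.aws_region.current.name`, so the CloudWatch Logs service principal written into the bucket policy follows whichever AWS provider configuration the module inherits, and the new comment ("the current AWS session you are in") does not make that clear. A caller that previously passed `region` to target a region other than the default provider's would now have to hand the module an aliased provider; if they do not, the bucket and its `logs.<region>.amazonaws.com` principal land in the default region and log delivery from the intended region would presumably fail, which leaves a gap in the log record. I would reword the comment to `# Region comes from the AWS provider configuration passed to this module; pass an aliased provider to target another region.` Dropping the required `region` input also breaks existing callers that still set it, and no upgrade note is visible in the README hunks of this commit.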
5 changes: 0 additions & 5 deletions variables.tf
@@ -3,11 +3,6 @@ variable "s3_bucket_name" {
type = string
}

variable "region" {
description = "Region where the AWS S3 bucket will be created."
type = string
}

variable "s3_log_bucket_retention" {
description = "Number of days to keep AWS logs around."
default = 90
2 changes: 1 addition & 1 deletion versions.tf
@@ -2,6 +2,6 @@ terraform {
required_version = "~> 0.12.0"

required_providers {
aws = "~> 2.70"
aws = ">= 2.68, < 4.0"
}
}
