diff --git a/examples/vpc_config/vpc.tf b/examples/vpc_config/vpc.tf index 4a23a16..8ab2d43 100644 --- a/examples/vpc_config/vpc.tf +++ b/examples/vpc_config/vpc.tf @@ -9,7 +9,7 @@ resource "aws_internet_gateway" "gw" { } resource "aws_eip" "nat" { - vpc = true + domain = "vpc" depends_on = [aws_internet_gateway.gw] } diff --git a/main.tf b/main.tf index 2b9f889..d9b1aaf 100644 --- a/main.tf +++ b/main.tf @@ -1,8 +1,8 @@ locals { - default_lambda_bucket = format("observeinc-%s", data.aws_region.current.name) + default_lambda_bucket = format("observeinc-%s", data.aws_region.current.id) lambda_iam_role_arn = var.lambda_iam_role_arn != "" ? var.lambda_iam_role_arn : aws_iam_role.lambda[0].arn lambda_iam_role_name = regex(".*role/(?P.*)$", local.lambda_iam_role_arn)["role_name"] - s3_bucket = var.s3_bucket != "" ? var.s3_bucket : lookup(var.s3_regional_buckets, data.aws_region.current.name, local.default_lambda_bucket) + s3_bucket = var.s3_bucket != "" ? var.s3_bucket : lookup(var.s3_regional_buckets, data.aws_region.current.id, local.default_lambda_bucket) s3_key = var.s3_key != "" ? var.s3_key : join("/", [var.s3_key_prefix, format("%s.zip", var.lambda_version)]) observe_token = var.kms_key != null ? aws_kms_ciphertext.token[0].ciphertext_blob : var.observe_token goarch = lookup( @@ -10,19 +10,19 @@ locals { "amd64" : { architectures = ["x86_64"] handler = "bootstrap" - runtime = "provided.al2" + runtime = "provided.al2023" } "arm64" : { architectures = ["arm64"] handler = "bootstrap" - runtime = "provided.al2" + runtime = "provided.al2023" } }, split("/", var.lambda_version)[0], { architectures = null - handler = "main" - runtime = "go1.x" + handler = "bootstrap" + runtime = "provided.al2023" }, ) } diff --git a/modules/s3_bucket/README.md b/modules/s3_bucket/README.md index 29e7dfc..ab6c023 100644 --- a/modules/s3_bucket/README.md +++ b/modules/s3_bucket/README.md @@ -52,7 +52,6 @@ module "observe_lambda_s3_subscription" { |------|------| | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | | [aws_iam_policy_document.bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_redshift_service_account.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/redshift_service_account) | data source | ## Inputs diff --git a/modules/s3_bucket/main.tf b/modules/s3_bucket/main.tf index 123465c..4bb73b5 100644 --- a/modules/s3_bucket/main.tf +++ b/modules/s3_bucket/main.tf @@ -42,8 +42,6 @@ module "s3_bucket" { tags = var.tags } -data "aws_redshift_service_account" "this" {} - data "aws_iam_policy_document" "bucket" { statement { sid = "AWSCloudTrailWrite" @@ -134,8 +132,8 @@ data "aws_iam_policy_document" "bucket" { effect = "Allow" principals { - type = "AWS" - identifiers = [data.aws_redshift_service_account.this.arn] + type = "Service" + identifiers = ["redshift.amazonaws.com"] } actions = [ @@ -152,8 +150,8 @@ data "aws_iam_policy_document" "bucket" { effect = "Allow" principals { - type = "AWS" - identifiers = [data.aws_redshift_service_account.this.arn] + type = "Service" + identifiers = ["redshift.amazonaws.com"] } actions = [