Merge pull request #6 from skeletorsue/master

Update module to be terraform 0.12 compliant.
Aplyca · Jul 2, 2019 · 168d7a6 · 168d7a6
2 parents c18a7b3 + b07acea
commit 168d7a6
Show file tree

Hide file tree

Showing 3 changed files with 74 additions and 21 deletions.
diff --git a/data.tf b/data.tf
@@ -22,20 +22,18 @@ data "aws_iam_policy_document" "access_identity" {
 }
 
 data "template_file" "access_identity" {
-  count = "${var.access_identity ? 1 : 0}"
-  template = "${data.aws_iam_policy_document.access_identity.json}"
+  count    = "${var.access_identity ? 1 : 0}"
+  template = "${element(data.aws_iam_policy_document.access_identity.*.json, 0)}"
 
-  vars {
+  vars = {
     origin_path = "/"
     bucket_name = "${aws_s3_bucket.this.id}"
   }
 }
 
 data "aws_iam_policy_document" "read" {
   statement {
-    actions = [
-      "${var.read_permissions}"
-    ]
+    actions = "${var.read_permissions}"
 
     resources = [
       "${aws_s3_bucket.this.arn}/*",
@@ -46,9 +44,7 @@ data "aws_iam_policy_document" "read" {
 
 data "aws_iam_policy_document" "write" {
   statement {
-    actions = [
-      "${var.write_permissions}"
-    ]
+    actions = "${var.write_permissions}"
 
     resources = [
       "${aws_s3_bucket.this.arn}/*"
@@ -60,9 +56,7 @@ data "aws_iam_policy_document" "write" {
 data "aws_iam_policy_document" "public" {
   count = "${var.acl == "public-read" ? 1 : 0}"
   statement {
-    actions = [
-      "${var.read_permissions}"
-    ]
+    actions = "${var.read_permissions}"
 
     principals {
       type        = "AWS"
@@ -76,8 +70,8 @@ data "aws_iam_policy_document" "public" {
 }
 
 data "template_file" "public" {
-  count = "${var.acl == "public-read" ? 1 : 0}"
-  template = "${data.aws_iam_policy_document.public.json}"
+  count    = "${var.acl == "public-read" ? 1 : 0}"
+  template = "${element(data.aws_iam_policy_document.public.*.json, 0)}"
 }
 
 data "template_file" "write" {

diff --git a/main.tf b/main.tf
@@ -15,27 +15,83 @@ resource "aws_s3_bucket" "this" {
     max_age_seconds = "${var.cors_max_age_seconds}"
   }
 
-  logging = "${var.logging}"
+  dynamic "logging" {
+    for_each = var.logging
+    content {
+      target_bucket = lookup(logging.value, "target_bucket")
+      target_prefix = lookup(logging.value, "target_prefix", null)
+    }
+  }
 
   versioning {
     enabled = "${var.versioning_enabled}"
   }
 
-  website = ["${var.website}"]
+  dynamic "website" {
+    for_each = var.website
+    content {
+      index_document           = lookup(website.value, "index_document")
+      error_document           = lookup(website.value, "error_document", null)
+      redirect_all_requests_to = lookup(website.value, "redirect_all_requests_to", null)
+      routing_rules            = lookup(website.value, "routing_rules", null)
+    }
+  }
+
+  dynamic "lifecycle_rule" {
+    for_each = var.lifecycle_rule
+    content {
+      id                                     = lookup(lifecycle_rule.value, "id", null)
+      prefix                                 = lookup(lifecycle_rule.value, "prefix", null)
+      tags                                   = lookup(lifecycle_rule.value, "tags", null)
+      enabled                                = lookup(lifecycle_rule.value, "enabled")
+      abort_incomplete_multipart_upload_days = lookup(lifecycle_rule.value, "abort_incomplete_multipart_upload_days", null)
+
+      dynamic "expiration" {
+        for_each = lookup(lifecycle_rule.value, "expiration", [])
+        content {
+          days                         = lookup(expiration.value, "days", null)
+          date                         = lookup(expiration.value, "date", null)
+          expired_object_delete_marker = lookup(expiration.value, "expired_object_delete_marker", null)
+        }
+      }
 
-  lifecycle_rule = "${var.lifecycle_rule}"
+      dynamic "transition" {
+        for_each = lookup(lifecycle_rule.value, "transition", [])
+        content {
+          days          = lookup(transition.value, "days", null)
+          date          = lookup(transition.value, "date", null)
+          storage_class = lookup(transition.value, "storage_class")
+        }
+      }
+
+      dynamic "noncurrent_version_expiration" {
+        for_each = lookup(lifecycle_rule.value, "noncurrent_version_expiration", [])
+        content {
+          days = lookup(noncurrent_version_expiration.value, "days")
+        }
+      }
+
+      dynamic "noncurrent_version_transition" {
+        for_each = lookup(lifecycle_rule.value, "noncurrent_version_transition", [])
+        content {
+          days          = lookup(noncurrent_version_transition.value, "days")
+          storage_class = lookup(noncurrent_version_transition.value, "storage_class")
+        }
+      }
+    }
+  }
 }
 
 resource "aws_s3_bucket_policy" "access_identity" {
   count  = "${var.access_identity ? 1 : 0}"
   bucket = "${aws_s3_bucket.this.id}"
-  policy = "${data.template_file.access_identity.rendered}"
+  policy = "${element(data.template_file.access_identity.*.rendered, 0)}"
 }
 
 resource "aws_s3_bucket_policy" "public" {
   count  = "${var.acl == "public-read" ? 1 : 0}"
   bucket = "${aws_s3_bucket.this.id}"
-  policy = "${data.template_file.public.rendered}"
+  policy = "${element(data.template_file.public.*.rendered, 0)}"
 }
 
 resource "aws_iam_policy" "read" {
@@ -48,7 +104,7 @@ resource "aws_iam_policy" "read" {
 resource "aws_iam_role_policy_attachment" "read" {
   count      = "${length(var.read_roles)}"
   role       = "${element(var.read_roles, count.index)}"
-  policy_arn = "${aws_iam_policy.read.arn}"
+  policy_arn = "${element(aws_iam_policy.read.*.arn, 0)}"
 }
 
 resource "aws_iam_policy" "write" {
@@ -61,5 +117,5 @@ resource "aws_iam_policy" "write" {
 resource "aws_iam_role_policy_attachment" "write" {
   count      = "${length(var.write_roles)}"
   role       = "${element(var.write_roles, count.index)}"
-  policy_arn = "${aws_iam_policy.write.arn}"
+  policy_arn = "${element(aws_iam_policy.write.*.arn, 0)}"
 }
diff --git a/version.tf b/version.tf
@@ -0,0 +1,3 @@
+terraform {
+  required_version = ">= 0.12.0"
+}