From d8f52bc256b3eb2e8987c7bc2f83e7dfffd505e9 Mon Sep 17 00:00:00 2001 From: Jake Heath <76011913+jakeyheath@users.noreply.github.com> Date: Tue, 26 Apr 2022 12:34:47 -0700 Subject: [PATCH] fix: treat AWS account IDs as strings (#634) --- .../templates/component/terraform/fogg.tf.tmpl | 2 +- .../v2_full_yaml/.github/workflows/fogg_ci.yml | 2 +- testdata/v2_full_yaml/fogg.yml | 4 ++-- .../v2_full_yaml/terraform/accounts/bar/Makefile | 2 +- .../v2_full_yaml/terraform/accounts/bar/fogg.tf | 16 ++++++++-------- .../v2_full_yaml/terraform/accounts/foo/fogg.tf | 4 ++-- .../terraform/envs/prod/datadog/fogg.tf | 6 +++--- .../terraform/envs/prod/hero/fogg.tf | 6 +++--- .../terraform/envs/prod/okta/fogg.tf | 6 +++--- .../terraform/envs/prod/sentry/fogg.tf | 6 +++--- .../v2_full_yaml/terraform/envs/prod/vpc/fogg.tf | 6 +++--- .../terraform/envs/staging/comp1/fogg.tf | 6 +++--- .../terraform/envs/staging/comp2/fogg.tf | 6 +++--- .../terraform/envs/staging/vpc/fogg.tf | 6 +++--- testdata/v2_full_yaml/terraform/global/fogg.tf | 2 +- 15 files changed, 40 insertions(+), 40 deletions(-) diff --git a/templates/templates/component/terraform/fogg.tf.tmpl b/templates/templates/component/terraform/fogg.tf.tmpl index 538e5b140..8271d6485 100644 --- a/templates/templates/component/terraform/fogg.tf.tmpl +++ b/templates/templates/component/terraform/fogg.tf.tmpl @@ -159,7 +159,7 @@ variable "aws_accounts" { type = map(string) default = { {{ range $account, $id := .Accounts }} - {{ $account }} = {{ $id }} + {{ $account }} = "{{ $id }}" {{ end }} } } diff --git a/testdata/v2_full_yaml/.github/workflows/fogg_ci.yml b/testdata/v2_full_yaml/.github/workflows/fogg_ci.yml index e354a3f15..3594ee234 100644 --- a/testdata/v2_full_yaml/.github/workflows/fogg_ci.yml +++ b/testdata/v2_full_yaml/.github/workflows/fogg_ci.yml @@ -44,7 +44,7 @@ jobs: - run: aws configure set aws_access_key_id ${{ secrets.IDACCT_AWS_ACCESS_KEY_ID }} --profile _idacct - run: aws configure set aws_secret_access_key ${{ secrets.IDACCT_AWS_SECRET_ACCESS_KEY }} --profile _idacct - run: aws --profile _idacct sts get-caller-identity - - run: aws configure set profile.profile.role_arn arn:aws:iam::456:role/foo + - run: aws configure set profile.profile.role_arn arn:aws:iam::00456:role/foo - run: aws configure set profile.profile.source_profile _idacct - run: aws --profile profile sts get-caller-identity # we only run the following if there are changes in the terraform/* directory diff --git a/testdata/v2_full_yaml/fogg.yml b/testdata/v2_full_yaml/fogg.yml index fe1ba016f..4bbcc3f90 100644 --- a/testdata/v2_full_yaml/fogg.yml +++ b/testdata/v2_full_yaml/fogg.yml @@ -2,7 +2,7 @@ accounts: bar: providers: aws: - account_id: 456 + account_id: 00456 additional_regions: - us-east-1 - us-east-2 @@ -44,7 +44,7 @@ defaults: project: proj providers: aws: - account_id: 456 + account_id: 00456 profile: profile region: us-west-2 version: 0.12.0 diff --git a/testdata/v2_full_yaml/terraform/accounts/bar/Makefile b/testdata/v2_full_yaml/terraform/accounts/bar/Makefile index 083b2ba27..d8ca0515d 100644 --- a/testdata/v2_full_yaml/terraform/accounts/bar/Makefile +++ b/testdata/v2_full_yaml/terraform/accounts/bar/Makefile @@ -11,7 +11,7 @@ export AWS_BACKEND_PROFILE := profile -export AWS_PROVIDER_ROLE_ARN := arn:aws:iam::456:role/foo +export AWS_PROVIDER_ROLE_ARN := arn:aws:iam::00456:role/foo diff --git a/testdata/v2_full_yaml/terraform/accounts/bar/fogg.tf b/testdata/v2_full_yaml/terraform/accounts/bar/fogg.tf index 299798ffe..b08748bc8 100644 --- a/testdata/v2_full_yaml/terraform/accounts/bar/fogg.tf +++ b/testdata/v2_full_yaml/terraform/accounts/bar/fogg.tf @@ -6,10 +6,10 @@ provider "aws" { assume_role { - role_arn = "arn:aws:iam::456:role/foo" + role_arn = "arn:aws:iam::00456:role/foo" } - allowed_account_ids = [456] + allowed_account_ids = [00456] } # Aliased Providers (for doing things in every region). @@ -124,10 +124,10 @@ provider "aws" { assume_role { - role_arn = "arn:aws:iam::456:role/foo" + role_arn = "arn:aws:iam::00456:role/foo" } - allowed_account_ids = [456] + allowed_account_ids = [00456] } @@ -137,10 +137,10 @@ provider "aws" { assume_role { - role_arn = "arn:aws:iam::456:role/foo" + role_arn = "arn:aws:iam::00456:role/foo" } - allowed_account_ids = [456] + allowed_account_ids = [00456] } @@ -306,9 +306,9 @@ variable "aws_accounts" { type = map(string) default = { - bar = 456 + bar = "00456" - foo = 123 + foo = "123" } } diff --git a/testdata/v2_full_yaml/terraform/accounts/foo/fogg.tf b/testdata/v2_full_yaml/terraform/accounts/foo/fogg.tf index e5ac296dd..cff4261b8 100644 --- a/testdata/v2_full_yaml/terraform/accounts/foo/fogg.tf +++ b/testdata/v2_full_yaml/terraform/accounts/foo/fogg.tf @@ -148,9 +148,9 @@ variable "aws_accounts" { type = map(string) default = { - bar = 456 + bar = "00456" - foo = 123 + foo = "123" } } diff --git a/testdata/v2_full_yaml/terraform/envs/prod/datadog/fogg.tf b/testdata/v2_full_yaml/terraform/envs/prod/datadog/fogg.tf index af15b1fea..b664c8582 100644 --- a/testdata/v2_full_yaml/terraform/envs/prod/datadog/fogg.tf +++ b/testdata/v2_full_yaml/terraform/envs/prod/datadog/fogg.tf @@ -5,7 +5,7 @@ provider "aws" { region = "us-west-2" profile = "profile" - allowed_account_ids = [456] + allowed_account_ids = [00456] } # Aliased Providers (for doing things in every region). @@ -223,9 +223,9 @@ variable "aws_accounts" { type = map(string) default = { - bar = 456 + bar = "00456" - foo = 123 + foo = "123" } } diff --git a/testdata/v2_full_yaml/terraform/envs/prod/hero/fogg.tf b/testdata/v2_full_yaml/terraform/envs/prod/hero/fogg.tf index 6af459228..bcab70c3a 100644 --- a/testdata/v2_full_yaml/terraform/envs/prod/hero/fogg.tf +++ b/testdata/v2_full_yaml/terraform/envs/prod/hero/fogg.tf @@ -5,7 +5,7 @@ provider "aws" { region = "us-west-2" profile = "profile" - allowed_account_ids = [456] + allowed_account_ids = [00456] } # Aliased Providers (for doing things in every region). @@ -146,9 +146,9 @@ variable "aws_accounts" { type = map(string) default = { - bar = 456 + bar = "00456" - foo = 123 + foo = "123" } } diff --git a/testdata/v2_full_yaml/terraform/envs/prod/okta/fogg.tf b/testdata/v2_full_yaml/terraform/envs/prod/okta/fogg.tf index c1d557dbe..05874f62a 100644 --- a/testdata/v2_full_yaml/terraform/envs/prod/okta/fogg.tf +++ b/testdata/v2_full_yaml/terraform/envs/prod/okta/fogg.tf @@ -5,7 +5,7 @@ provider "aws" { region = "us-west-2" profile = "profile" - allowed_account_ids = [456] + allowed_account_ids = [00456] } # Aliased Providers (for doing things in every region). @@ -226,9 +226,9 @@ variable "aws_accounts" { type = map(string) default = { - bar = 456 + bar = "00456" - foo = 123 + foo = "123" } } diff --git a/testdata/v2_full_yaml/terraform/envs/prod/sentry/fogg.tf b/testdata/v2_full_yaml/terraform/envs/prod/sentry/fogg.tf index 3fd8971c1..7fcc190f7 100644 --- a/testdata/v2_full_yaml/terraform/envs/prod/sentry/fogg.tf +++ b/testdata/v2_full_yaml/terraform/envs/prod/sentry/fogg.tf @@ -5,7 +5,7 @@ provider "aws" { region = "us-west-2" profile = "profile" - allowed_account_ids = [456] + allowed_account_ids = [00456] } # Aliased Providers (for doing things in every region). @@ -156,9 +156,9 @@ variable "aws_accounts" { type = map(string) default = { - bar = 456 + bar = "00456" - foo = 123 + foo = "123" } } diff --git a/testdata/v2_full_yaml/terraform/envs/prod/vpc/fogg.tf b/testdata/v2_full_yaml/terraform/envs/prod/vpc/fogg.tf index ff2b437db..a0ae01cc8 100644 --- a/testdata/v2_full_yaml/terraform/envs/prod/vpc/fogg.tf +++ b/testdata/v2_full_yaml/terraform/envs/prod/vpc/fogg.tf @@ -5,7 +5,7 @@ provider "aws" { region = "us-west-2" profile = "profile" - allowed_account_ids = [456] + allowed_account_ids = [00456] } # Aliased Providers (for doing things in every region). @@ -216,9 +216,9 @@ variable "aws_accounts" { type = map(string) default = { - bar = 456 + bar = "00456" - foo = 123 + foo = "123" } } diff --git a/testdata/v2_full_yaml/terraform/envs/staging/comp1/fogg.tf b/testdata/v2_full_yaml/terraform/envs/staging/comp1/fogg.tf index d7d1db2a6..a481c6d29 100644 --- a/testdata/v2_full_yaml/terraform/envs/staging/comp1/fogg.tf +++ b/testdata/v2_full_yaml/terraform/envs/staging/comp1/fogg.tf @@ -5,7 +5,7 @@ provider "aws" { region = "us-west-2" profile = "profile" - allowed_account_ids = [456] + allowed_account_ids = [00456] } # Aliased Providers (for doing things in every region). @@ -184,9 +184,9 @@ variable "aws_accounts" { type = map(string) default = { - bar = 456 + bar = "00456" - foo = 123 + foo = "123" } } diff --git a/testdata/v2_full_yaml/terraform/envs/staging/comp2/fogg.tf b/testdata/v2_full_yaml/terraform/envs/staging/comp2/fogg.tf index d9e6abdb9..0fbdb6484 100644 --- a/testdata/v2_full_yaml/terraform/envs/staging/comp2/fogg.tf +++ b/testdata/v2_full_yaml/terraform/envs/staging/comp2/fogg.tf @@ -5,7 +5,7 @@ provider "aws" { region = "us-west-2" profile = "profile" - allowed_account_ids = [456] + allowed_account_ids = [00456] } # Aliased Providers (for doing things in every region). @@ -184,9 +184,9 @@ variable "aws_accounts" { type = map(string) default = { - bar = 456 + bar = "00456" - foo = 123 + foo = "123" } } diff --git a/testdata/v2_full_yaml/terraform/envs/staging/vpc/fogg.tf b/testdata/v2_full_yaml/terraform/envs/staging/vpc/fogg.tf index b07a49f24..0097aa771 100644 --- a/testdata/v2_full_yaml/terraform/envs/staging/vpc/fogg.tf +++ b/testdata/v2_full_yaml/terraform/envs/staging/vpc/fogg.tf @@ -5,7 +5,7 @@ provider "aws" { region = "us-west-2" profile = "profile" - allowed_account_ids = [456] + allowed_account_ids = [00456] } # Aliased Providers (for doing things in every region). @@ -184,9 +184,9 @@ variable "aws_accounts" { type = map(string) default = { - bar = 456 + bar = "00456" - foo = 123 + foo = "123" } } diff --git a/testdata/v2_full_yaml/terraform/global/fogg.tf b/testdata/v2_full_yaml/terraform/global/fogg.tf index 94c24b63c..0f5e6bfcc 100644 --- a/testdata/v2_full_yaml/terraform/global/fogg.tf +++ b/testdata/v2_full_yaml/terraform/global/fogg.tf @@ -5,7 +5,7 @@ provider "aws" { region = "us-west-2" profile = "profile" - allowed_account_ids = [456] + allowed_account_ids = [00456] } # Aliased Providers (for doing things in every region).