ensure example is portable

aws_pipeline.pipe.tf

@@ -32,6 +32,3 @@ resource "aws_codepipeline" "pipe" {
   tags = var.common_tags
 }
 
-locals {
-  role_arn = "${var.role_arn == "" ? aws_iam_role.pipeline.0.arn : var.role_arn}"
-}

example/examplea/aws_s3_bucket.codepipeline.tf

@@ -0,0 +1,8 @@
+resource "aws_s3_bucket" "codepipeline" {
+  #checkov:skip=CKV_AWS_21: "Ensure all data stored in the S3 bucket have versioning enabled"
+  #checkov:skip=CKV_AWS_52: "Ensure S3 bucket has MFA delete enabled"
+  #checkov:skip=CKV_AWS_18: "Ensure the S3 bucket has access logging enabled"
+  bucket = local.artifact_store.location
+  acl    = "private"
+  tags    = var.common_tags
+}

example/examplea/examplea.auto.tfvars

@@ -1,6 +1,3 @@
-artifact_store = {
-  location = "codepipeline-eu-west-1-163714928765"
-type = "S3" }
 description = ""
 name        = "cron-poll"
 stages = [{
@@ -54,5 +51,6 @@ stages = [{
 ]
 
 common_tags = {
-  name = "aws-codebuild-container"
+  name   = "aws-codebuild-container"
+  module = "JamesWoolfenden/codepipeline/aws"
 }

example/examplea/locals.tf

@@ -0,0 +1,8 @@
+locals {
+  artifact_store = {
+    location = "codepipeline-${data.aws_region.current.name}-${data.aws_caller_identity.current.account_id}"
+  type = "S3" }
+}
+
+data "aws_caller_identity" "current" {}
+data "aws_region" "current" {}

example/examplea/module.codepipeline.tf

@@ -1,6 +1,6 @@
 module "codepipeline" {
   source         = "../../"
-  artifact_store = var.artifact_store
+  artifact_store = local.artifact_store
   common_tags    = var.common_tags
   description    = var.description
   name           = var.name

example/examplea/variables.tf

@@ -9,7 +9,7 @@ variable "role_arn" {
 }
 
 variable "stages" {
-  type        = list
+  type        = list(any)
   description = "This list describes each stage of the build, so it really should be stages."
 }
 
@@ -19,10 +19,7 @@ variable "description" {
 }
 
 variable "common_tags" {
-  type        = map
+  type        = map(any)
   description = "Implements the common tags scheme"
 }
 
-variable "artifact_store" {
-  type = map
-}

locals.tf

@@ -0,0 +1,4 @@
+
+locals {
+  role_arn = var.role_arn == "" ? aws_iam_role.pipeline.0.arn : var.role_arn
+}