v3.2.0; aws_s3_bucket_acl

cu-cit-cloud-team · May 11, 2022 · 23c8596 · 23c8596
1 parent 2744923
commit 23c8596
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -18,6 +18,12 @@ Terraform module to create Terraform drift, plan, and apply CodePipelines.
 
 ## Change Log
 
+### 3.2.0
+- added minimum version of v4.9.0 for AWS provider
+- added `aws_s3_bucket_acl` resource
+  - This will require that the existing `aws_s3_bucket_aclconfiguration` be imported: `terraform import module.example.aws_s3_bucket_acl.codepipeline_bucket bucket-name,private,private`- 
+- removed `acl` property from `aws_s3_bucket`
+
 ### 3.1.0
 - added global tags to `build-drift` CloudWatch log group
 - added `log_retention_in_days` variable to allow customization of how long logs are kept

diff --git a/shared.tf b/shared.tf
@@ -10,12 +10,16 @@ data "aws_caller_identity" "current" {
 
 resource "aws_s3_bucket" "codepipeline_bucket" {
   bucket = "${var.namespace}-pipeline-resources"
-  acl    = "private"
   tags = merge(var.global_tags, {
     "cit:policy5.10-risk-level" = "medium"
   })
 }
 
+resource "aws_s3_bucket_acl" "codepipeline_bucket" {
+  bucket = aws_s3_bucket.codepipeline_bucket.id
+  acl    = "private"
+}
+
 resource "aws_iam_role" "codepipeline_role" {
   name = "${var.namespace}-pipeline-role"
 

diff --git a/versions.tf b/versions.tf
@@ -1,5 +1,9 @@
 terraform {
-  required_providers {
+  required_providers
+    aws     = {
+      source  = "hashicorp/aws"
+      version = ">= 4.9.0"
+    }
     archive = {
       source  = "hashicorp/archive"
       version = "2.2.0"