From 89b9c25247de34bec23504a1eaf0222ad9e174a7 Mon Sep 17 00:00:00 2001
From: Deepak Verma
Date: Fri, 15 Sep 2023 20:53:17 +0530
Subject: [PATCH 1/2] fix: kms policy fixed
---
 main.tf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/main.tf b/main.tf
index 6627a48..5ad1880 100644
--- a/main.tf
+++ b/main.tf
@@ -120,6 +120,8 @@ resource "aws_kms_key" "default" {
 tags = module.labels.tags
 }
+data "aws_caller_identity" "this" {}
+
 resource "aws_kms_alias" "default" {
 count = var.enable && var.kms_key_enabled && var.kms_key_id == "" ? 1 : 0
 name = coalesce(var.alias, format("alias/%v", module.labels.id))
@@ -133,12 +135,11 @@ data "aws_iam_policy_document" "kms" {
 effect = "Allow"
 principals {
 type = "AWS"
- identifiers = ["*"]
+ identifiers = [format("arn:aws:iam::%s:root", data.aws_caller_identity.this.account_id)]
 }
 actions = ["kms:*"]
 resources = ["*"]
 }
-
 }
 ##----------------------------------------------------------------------------------
From 705632f595593dfaa0f979fe2f055202a6b429a6 Mon Sep 17 00:00:00 2001
From: Deepak Verma
Date: Fri, 15 Sep 2023 22:39:43 +0530
Subject: [PATCH 2/2] tflint error fixed
---
 _example/complete/example.tf | 6 +++---
 variables.tf | 8 +-------
 2 files changed, 4 insertions(+), 10 deletions(-)
diff --git a/_example/complete/example.tf b/_example/complete/example.tf
index c015b70..a9afad0 100644
--- a/_example/complete/example.tf
+++ b/_example/complete/example.tf
@@ -2,7 +2,7 @@
 ## Provider block added, Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS.
 ####----------------------------------------------------------------------------------
 provider "aws" {
- region = "eu-west-1"
+ region = "us-west-1"
 }
 locals {
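Review bot: In main.tf's `aws_iam_policy_document.kms` hunk the new principal hard-codes the `aws` partition, so in GovCloud or China partitions the ARN would not match the account and the key policy would likely be rejected. Consider adding `data "aws_partition" "this" {}` and building the identifier as `format("arn:%s:iam::%s:root", data.aws_partition.this.partition, data.aws_caller_identity.this.account_id)`. Narrowing the principal from `*` to the account root closes the cross-account exposure, but `kms:*` for the root principal hands control of the key to whatever IAM policies exist in the account. That deserves a comment above the statement such as `# account root principal: access to this key is delegated to IAM policies in this account`. The statement and the rest of the policy document start outside the hunk, so whether separate key-administration and key-usage statements already exist cannot be judged from here.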
@@ -31,7 +31,7 @@ module "public_subnets" {
 name = "public-subnet"
 environment = local.environment
 label_order = local.label_order
- availability_zones = ["eu-west-1b", "eu-west-1c"]
+ availability_zones = ["us-west-1b", "us-west-1c"]
 vpc_id = module.vpc.vpc_id
 cidr_block = module.vpc.vpc_cidr_block
 type = "public"
@@ -91,7 +91,7 @@ module "ec2" {
 ssh_allowed_ports = [22]
 #Instance
 instance_count = 1
- ami = "ami-08d658f84a6d84a80"
+ ami = "ami-0f8e81a3da6e2510a"
 instance_type = "t2.nano"
 #Keypair
diff --git a/variables.tf b/variables.tf
index 1c297e5..d14ea36 100644
--- a/variables.tf
+++ b/variables.tf
@@ -234,7 +234,7 @@ variable "cpu_core_count" {
 variable "iam_instance_profile" {
 type = string
- default = ""
+ default = null
 description = "The IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile."
 }
@@ -495,12 +495,6 @@ variable "public_key" {
 sensitive = true
 }
-variable "key_path" {
- type = string
- default = ""
- description = "Name (e.g. `~/.ssh/id_rsa.pub`)."
-}
-
 ###### spot
 variable "spot_instance_enabled" {
 type = bool
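Review bot: The `ami` value in the `module "ec2"` hunk of _example/complete/example.tf is a bare, region-specific image ID with no record of which publisher owns it. Anyone copying the example therefore launches an image whose provenance they cannot check from the file, and the ID has to be hand-edited on every region change, as this commit does. Resolving it through a `data "aws_ami"` lookup with an explicit `owners` list and a name filter would pin the publisher and remove the coupling to `us-west-1`; at minimum add a comment next to the ID naming the image and its owner. The literal `availability_zones` in the `public_subnets` hunk have the same region coupling and could be read from `data "aws_availability_zones"`, since the zone names available in a region can differ between accounts. Both module blocks continue outside their hunks.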