Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix bucket permission #4

Merged
merged 12 commits into from
Dec 21, 2020
Merged

fix bucket permission #4

merged 12 commits into from
Dec 21, 2020

Conversation

mcalhoun
Copy link
Member

what

  • update the bucket permissions to allow writing from multiple accounts

why

  • the bucket will be used centrally and multiple accounts need to write to the bucket

@mcalhoun mcalhoun requested a review from a team as a code owner December 14, 2020 16:08
osterman
osterman reviewed Dec 14, 2020
View reviewed changes
main.tf
@@ -85,5 +86,5 @@ data "aws_caller_identity" "current" {}
locals {
current_account_id = data.aws_caller_identity.current.account_id
s3_bucket_arn = module.this.enabled ? module.storage[0].bucket_arn : ""
s3_object_prefix = format("%s/AWSLogs/%s/Config/*", local.s3_bucket_arn, local.current_account_id)
s3_object_prefix = format("%s/AWSLogs/*", local.s3_bucket_arn)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you know why the previous constraint failed? It's nice that it was scoped to the account id.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, because previously we were only allowing a single account to write to the bucket. Now, we are allowing all accounts in the org to write there.

@mcalhoun mcalhoun marked this pull request as draft December 17, 2020 19:49
@mcalhoun mcalhoun force-pushed the chore/fix-bucket-permissions branch from 6c6f94b to 5093775 Compare December 17, 2020 19:59
@mcalhoun mcalhoun added the terraform/0.13 Module requires Terraform 0.13 or later label Dec 20, 2020
@mcalhoun mcalhoun marked this pull request as ready for review December 20, 2020 17:26
@mcalhoun
Copy link
Member Author

/test all

@mcalhoun
Copy link
Member Author

/test all

@mcalhoun mcalhoun merged commit dde6776 into master Dec 21, 2020
@mcalhoun mcalhoun deleted the chore/fix-bucket-permissions branch December 21, 2020 15:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@osterman osterman osterman approved these changes

Assignees
No one assigned
Labels
terraform/0.13 Module requires Terraform 0.13 or later
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mcalhoun @osterman