From c1d0714fefad56022d1ec257dcbb20d394c858ce Mon Sep 17 00:00:00 2001 From: Spencer Williams Date: Tue, 10 Oct 2023 09:53:04 -0700 Subject: [PATCH 1/3] fix: update the time provider version allowed Hashicorp's `time` provider 0.6.x does not have a binary for the darwin_arm64 platform, so developers on the new M1/M2 Macs will not be able to apply this module. The 0.7.x release includes a darwin_arm64 binary and makes no other changes. I would also note that `time` is a very stable provider overall (current version 0.9.1, released Nov 2022). I recommend switching any `~>` constraints to `>=` unless there is a documented reason not to. --- versions.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions.tf b/versions.tf index dd37432..a1b8d92 100644 --- a/versions.tf +++ b/versions.tf @@ -12,7 +12,7 @@ terraform { } time = { source = "hashicorp/time" - version = "~> 0.6" + version = "~> 0.7" } lacework = { source = "lacework/lacework" From 6cc0827959d2fdf83eb937c73469e7a529913448 Mon Sep 17 00:00:00 2001 From: Spencer Williams Date: Tue, 10 Oct 2023 09:53:04 -0700 Subject: [PATCH 2/3] chore: fmt --- main.tf | 64 ++++++++++++++++++++++++++++----------------------------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/main.tf b/main.tf index edef313..d0951a7 100644 --- a/main.tf +++ b/main.tf @@ -46,54 +46,54 @@ data "aws_iam_policy_document" "lacework_audit_policy" { } statement { - sid = "EFS" - actions = ["elasticfilesystem:DescribeFileSystemPolicy", - "elasticfilesystem:DescribeLifecycleConfiguration", - "elasticfilesystem:DescribeAccessPoints", - "elasticfilesystem:DescribeAccountPreferences", - "elasticfilesystem:DescribeBackupPolicy", - "elasticfilesystem:DescribeReplicationConfigurations"] + sid = "EFS" + actions = ["elasticfilesystem:DescribeFileSystemPolicy", + "elasticfilesystem:DescribeLifecycleConfiguration", + "elasticfilesystem:DescribeAccessPoints", + "elasticfilesystem:DescribeAccountPreferences", + "elasticfilesystem:DescribeBackupPolicy", + "elasticfilesystem:DescribeReplicationConfigurations"] resources = ["*"] } statement { - sid = "EMR" - actions = ["elasticmapreduce:ListBootstrapActions", - "elasticmapreduce:ListInstanceFleets", - "elasticmapreduce:ListInstanceGroups"] + sid = "EMR" + actions = ["elasticmapreduce:ListBootstrapActions", + "elasticmapreduce:ListInstanceFleets", + "elasticmapreduce:ListInstanceGroups"] resources = ["*"] } statement { - sid = "SAGEMAKER" - actions = ["sagemaker:GetModelPackageGroupPolicy", - "sagemaker:GetLineageGroupPolicy"] + sid = "SAGEMAKER" + actions = ["sagemaker:GetModelPackageGroupPolicy", + "sagemaker:GetLineageGroupPolicy"] resources = ["*"] } statement { - sid = "IDENTITYSTORE" - actions = ["identitystore:DescribeGroup", - "identitystore:DescribeGroupMembership", - "identitystore:DescribeUser", - "identitystore:ListGroupMemberships", - "identitystore:ListGroupMembershipsForMember", - "identitystore:ListGroups", - "identitystore:ListUsers"] + sid = "IDENTITYSTORE" + actions = ["identitystore:DescribeGroup", + "identitystore:DescribeGroupMembership", + "identitystore:DescribeUser", + "identitystore:ListGroupMemberships", + "identitystore:ListGroupMembershipsForMember", + "identitystore:ListGroups", + "identitystore:ListUsers"] resources = ["*"] } statement { - sid = "SSO" - actions = ["sso:DescribeAccountAssignmentDeletionStatus", - "sso:DescribeInstanceAccessControlAttributeConfiguration", - "sso:GetInlinePolicyForPermissionSet"] + sid = "SSO" + actions = ["sso:DescribeAccountAssignmentDeletionStatus", + "sso:DescribeInstanceAccessControlAttributeConfiguration", + "sso:GetInlinePolicyForPermissionSet"] resources = ["*"] } statement { - sid = "APIGATEWAY" - actions = ["apigateway:GetApiKeys", + sid = "APIGATEWAY" + actions = ["apigateway:GetApiKeys", "apigateway:GetAuthorizers", "apigateway:GetBasePathMappings", "apigateway:GetClientCertificates", @@ -113,13 +113,13 @@ data "aws_iam_policy_document" "lacework_audit_policy" { "apigateway:GetTags", "apigateway:GetUsagePlanKeys", "apigateway:GetUsagePlans", - "apigateway:GetVpcLinks"] + "apigateway:GetVpcLinks"] resources = ["*"] } statement { - sid = "APIGATEWAYV2" - actions = ["apigatewayv2:GetApis", + sid = "APIGATEWAYV2" + actions = ["apigatewayv2:GetApis", "apigatewayv2:GetApiMappings", "apigatewayv2:GetAuthorizers", "apigatewayv2:GetDeployments", @@ -131,7 +131,7 @@ data "aws_iam_policy_document" "lacework_audit_policy" { "apigatewayv2:GetRoute", "apigatewayv2:GetRouteResponses", "apigatewayv2:GetStages", - "apigatewayv2:GetVpcLinks"] + "apigatewayv2:GetVpcLinks"] resources = ["*"] } } From 4ac1c061b68337697e064e6c709495eb2a0af291 Mon Sep 17 00:00:00 2001 From: Spencer Williams Date: Tue, 10 Oct 2023 09:55:11 -0700 Subject: [PATCH 3/3] docs(readme): keep readme up to date with code --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 59af2c2..66fde2f 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ Terraform module for configuring an integration with Lacework and AWS for cloud | [aws](#requirement\_aws) | >= 3.35.0 | | [lacework](#requirement\_lacework) | ~> 1.0 | | [random](#requirement\_random) | >= 2.1 | -| [time](#requirement\_time) | ~> 0.6 | +| [time](#requirement\_time) | ~> 0.7 | ## Providers @@ -25,7 +25,7 @@ Terraform module for configuring an integration with Lacework and AWS for cloud | [aws](#provider\_aws) | >= 3.35.0 | | [lacework](#provider\_lacework) | ~> 1.0 | | [random](#provider\_random) | >= 2.1 | -| [time](#provider\_time) | ~> 0.6 | +| [time](#provider\_time) | ~> 0.7 | ## Modules