From 31cee6fef0a8b17bb8753b9ab2c800ff3592e987 Mon Sep 17 00:00:00 2001 From: badra001 Date: Wed, 6 Sep 2023 12:36:12 -0400 Subject: [PATCH] add s3 to kms key --- cloudtrail-key/README.md | 1 + cloudtrail-key/main.tf | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/cloudtrail-key/README.md b/cloudtrail-key/README.md index 172f320..decfa34 100644 --- a/cloudtrail-key/README.md +++ b/cloudtrail-key/README.md @@ -76,6 +76,7 @@ No modules. | [aws_iam_policy_document.key_orig](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_iam_policy_document.key_policy_combined](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | +| [aws_regions.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/regions) | data source | ## Inputs diff --git a/cloudtrail-key/main.tf b/cloudtrail-key/main.tf index 3e5c7c7..380f4cb 100644 --- a/cloudtrail-key/main.tf +++ b/cloudtrail-key/main.tf @@ -252,7 +252,7 @@ data "aws_iam_policy_document" "key" { resources = ["*"] principals { type = "Service" - identifiers = ["cloudtrail.amazonaws.com", "sns.amazonaws.com", "sqs.amazonaws.com"] + identifiers = ["cloudtrail.amazonaws.com", "sns.amazonaws.com", "sqs.amazonaws.com", "s3.amazonaws.com"] } } statement { @@ -267,7 +267,7 @@ data "aws_iam_policy_document" "key" { resources = ["*"] principals { type = "Service" - identifiers = ["cloudtrail.amazonaws.com"] + identifiers = ["cloudtrail.amazonaws.com", "s3.amazonaws.com"] } # condition { # test = "StringLike" @@ -311,7 +311,7 @@ data "aws_iam_policy_document" "key" { resources = ["*"] principals { type = "Service" - identifiers = ["sns.amazonaws.com", "sqs.amazonaws.com"] + identifiers = ["sns.amazonaws.com", "sqs.amazonaws.com", "s3.amazonaws.com"] } } }