From 5aa6a3a781648ff431e83d5395c64fb97fab2790 Mon Sep 17 00:00:00 2001 From: badra001 Date: Tue, 1 Nov 2022 08:03:11 -0400 Subject: [PATCH] s3-flow-logs: backport from tf-upgrade changes for bucket encryption to sse-s3 --- CHANGELOG.md | 5 +++++ common/data.tf | 4 ++++ common/defaults.tf | 11 +++++++++++ common/version.tf | 2 +- 4 files changed, 21 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c58ef9e..e690968 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -179,3 +179,8 @@ * 1.16.2 -- 2022-07-20 - iam-general-policies - add census ipv6 2610:20:2000::/38 + +* 1.16.3 -- 2022-11-01 + - s3-flow-logs + - change encryption to AES256 from aws:kms (no default for log delivery) + - update policy according to docs: https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-s3.html diff --git a/common/data.tf b/common/data.tf index c99f19d..2d469a2 100644 --- a/common/data.tf +++ b/common/data.tf @@ -6,6 +6,10 @@ data "aws_arn" "current" { data "aws_region" "current" {} +data "aws_regions" "current" { + all_regions = true +} + # output "caller_account_id" { # value = data.aws_caller_identity.current.account_id # } diff --git a/common/defaults.tf b/common/defaults.tf index 768a441..47ff65b 100644 --- a/common/defaults.tf +++ b/common/defaults.tf @@ -3,6 +3,17 @@ locals { _defaults = { + "account_settings" = { + allow_users_to_change_password = true + hard_expiry = false + max_password_age = 89 + minimum_password_length = 14 + password_reuse_prevention = 24 + require_lowercase_characters = true + require_numbers = true + require_symbols = true + require_uppercase_characters = true + } "load-balancer" = { "gov" = ["190560391635", "048591011584"] "us-gov-east-1" = "190560391635" diff --git a/common/version.tf b/common/version.tf index 15cb770..aa7208c 100644 --- a/common/version.tf +++ b/common/version.tf @@ -1,3 +1,3 @@ locals { - _module_version = "1.16.2" + _module_version = "1.16.3" }