fix policy for terraform

terraform-modules · Feb 3, 2023 · 9de8735 · 9de8735
1 parent b9314db
commit 9de8735
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -248,3 +248,9 @@
 * 2.2.7 -- 2023-01-03
   - iam-general-policies
     - add ipr_vpc_endpoints to enable S3 interface endpoints
+
+* 2.3.0 -- 2023-02-03
+  - org-logging
+    - creation/testing
+  - terraform-state
+    - fix policy
diff --git a/terraform-state/README.md b/terraform-state/README.md
@@ -95,6 +95,7 @@ No modules.
 | [aws_iam_policy_document.tfstate_read](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_iam_policy_document.tfstate_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
+| [aws_regions.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/regions) | data source |
 
 ## Inputs
 

diff --git a/terraform-state/policy.tf b/terraform-state/policy.tf
@@ -25,7 +25,7 @@ resource "aws_iam_policy" "tfstate_write" {
 }
 
 resource "aws_iam_policy" "allow_assume_role" {
-  name        = format("%v-%v", var.name, "allow-assume")
+  name        = format("%v%v-%v", lookup(local._prefixes, "policy", ""), var.name, "allow-assume")
   path        = "/"
   description = "Assume role for Terraform activity"
   policy      = data.aws_iam_policy_document.allow_assume_role.json