config: fix region variable

terraform-modules · Nov 1, 2022 · b4bda83 · b4bda83
1 parent a56068d
commit b4bda83
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -188,3 +188,7 @@
 * 1.16.4 -- 2022-11-01
   - s3-access-logs
     - disable acl
+
+* 1.16.5 -- 2022-11-02
+  - config
+    - fix region variables
diff --git a/common/version.tf b/common/version.tf
@@ -1,3 +1,3 @@
 locals {
-  _module_version = "1.16.4"
+  _module_version = "1.16.5"
 }
diff --git a/config/README.md b/config/README.md
@@ -80,6 +80,7 @@ No modules.
 | [aws_iam_policy_document.config_sqs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_iam_policy_document.config_sqs_deadletter](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
+| [aws_regions.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/regions) | data source |
 | [template_file.splunk_config](https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/file) | data source |
 | [template_file.splunk_configrules](https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/file) | data source |
 

diff --git a/config/main.tf b/config/main.tf
@@ -28,14 +28,14 @@
 
 locals {
   account_id          = var.account_id != "" ? var.account_id : data.aws_caller_identity.current.account_id
-  config_region       = data.aws_region.current.name
+  region              = data.aws_region.current.name
   account_environment = data.aws_arn.current.partition == "aws-us-gov" ? "gov" : "ew"
   # remap do2 to do1 for govcloud (undo this later when accounts are renamed in splunk)
   account_alias = replace(var.account_alias, "do2", "do1")
 
   # inf-config-{region}
-  name        = var.name != "" ? var.name : format("%v-%v", lookup(local._defaults["config"], "name"), local.config_region)
-  bucket_name = format("%v-%v-%v", lookup(local._defaults["config"], "name"), local.account_id, local.config_region)
+  name        = var.name != "" ? var.name : format("%v-%v", lookup(local._defaults["config"], "name"), local.region)
+  bucket_name = format("%v-%v-%v", lookup(local._defaults["config"], "name"), local.account_id, local.region)
   role_name   = format("%v%v", local._prefixes["role"], local.name)
   policy_name = format("%v%v", local._prefixes["policy"], local.name)
 

diff --git a/config/role.tf b/config/role.tf
@@ -20,7 +20,7 @@ resource "aws_iam_role" "config" {
   name = local.role_name
 
   assume_role_policy    = data.aws_iam_policy_document.config_assume.json
-  description           = "AWS Config Role for ${local.config_region}"
+  description           = "AWS Config Role for ${local.region}"
   force_detach_policies = false
   max_session_duration  = 3600
   path                  = "/service-role/"
@@ -57,7 +57,7 @@ data "aws_iam_policy_document" "config_assume" {
 resource "aws_iam_policy" "config" {
   name        = local.policy_name
   path        = "/service-role/"
-  description = "Policy for AWS Config for ${local.config_region}"
+  description = "Policy for AWS Config for ${local.region}"
   policy      = data.aws_iam_policy_document.config.json
 }