chore(deps): update terraform cloudposse/s3-bucket/aws to v4.2.0

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/s3-bucket/aws (source)	module	minor	4.0.0 -> 4.2.0

---

Release Notes

cloudposse/terraform-aws-s3-bucket (cloudposse/s3-bucket/aws)

v4.2.0

Compare Source

Added IP-based statement in bucket policy @​soya-miyoshi (#​216)

what

• Allows users to specify a list of source IP addresses from which access to the S3 bucket is allowed.
• Adds dynamic statement that uses the NotIpAddress condition to deny access from any IP address not listed in the source_ip_allow_list variable.

why

Use cases:

• Restricting access to specific physical locations, such as an office or home network

references

v4.1.0

Compare Source

🚀 Enhancements

fix: use for_each instead of count in aws_s3_bucket_logging @​wadhah101 (#​212)

what

Replaced the count with a for_each inside aws_s3_bucket_logging.default

there's no point in the try since the type is clearly defined as list

why

When the bucket_name within logging attribute is dynamically defined, like in the case of referencing a bucket created by terraform for logging

  logging = [
    {
      bucket_name = module.logging_bucket.bucket_id
      prefix      = "data/"
    }
  ]

we get this error

For each can work better in this case and will solve the previous error

references

🤖 Automatic Updates

Update README.md and docs @​cloudpossebot (#​214)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update README.md and docs @​cloudpossebot (#​213)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update README.md and docs @​cloudpossebot (#​209)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v4.0.1

Compare Source

🐛 Bug Fixes

Fix bug in setting dynamic `encryption_configuration` value @​LawrenceWarren (#​206)

what

• When trying to create an S3 bucket, the following error is encountered:

Error: Invalid dynamic for_each value

  on .terraform/main.tf line 225, in resource "aws_s3_bucket_replication_configuration" "default":
 225:           for_each = try(compact(concat(
 226:             [try(rule.value.destination.encryption_configuration.replica_kms_key_id, "")],
 227:             [try(rule.value.destination.replica_kms_key_id, "")]
 228:           ))[0], [])
    ├────────────────
    │ rule.value.destination.encryption_configuration is null
    │ rule.value.destination.replica_kms_key_id is "arn:aws:kms:my-region:my-account-id:my-key-alias"

Cannot use a string value in for_each. An iterable collection is required.

• This is caused in my case by having s3_replication_rules.destination.encryption_configuration.replica_kms_key_id set.

why

• There is a bug when trying to create an S3 bucket, which causes an error that stops the bucket being created

  • Basically, there are two attributes that do the same thing (for backwards compatability)
    • s3_replication_rules.destination.encryption_configuration.replica_kms_key_id (newer)
    • s3_replication_rules.destination.replica_kms_key_id (older)
  • There is logic to:
    • A) use the newer of these two attributes
    • B) fall back to the older of the attributes if it is set and the newer is not
    • C) fall back to an empty array if nothing is set
  • There is a bug in steps A/B, where by selecting one or the other, we end up with the string value, and not an iterable
  • The simplest solution, which I have tested successfully on existing buckets, is to wrap the output of that logic in a list

• This error is easily replicable by trying compact(concat([try("string", "")], [try("string", "")]))[0] in the Terraform console, which is a simplified version of the existing logic used above

• The table below demonstrates the possible values of the existing code - you can see the outputs for value 2, value 3, and value 4 are not lists:

Key	Value 1	Value 2	Value 3	Value 4
newer	null	"string1"	null	"string1"
older	null	null	"string2"	"string2"
output	[]	"string1"	"string2"	"string1"

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[mergify]

/terratest