Upgrate to terraform v12 (#11)

* Upgrade to v12 - step1 * Upgrade to v12
riboseinc · Sep 26, 2019 · 8de1566 · 8de1566
1 parent 3ea3b02
commit 8de1566
Show file tree

Hide file tree

Showing 12 changed files with 123 additions and 87 deletions.
diff --git a/example/acm.tf b/example/acm.tf
@@ -1,43 +1,43 @@
 # ACM Certificate generation
 resource "aws_acm_certificate" "cert" {
-  provider          = "aws.cloudfront"
-  domain_name       = "${var.fqdn}"
+  provider          = aws.cloudfront
+  domain_name       = var.fqdn
   validation_method = "DNS"
 }
 
 resource "aws_route53_record" "cert_validation" {
-  provider = "aws.cloudfront"
-  name     = "${aws_acm_certificate.cert.domain_validation_options.0.resource_record_name}"
-  type     = "${aws_acm_certificate.cert.domain_validation_options.0.resource_record_type}"
-  zone_id  = "${data.aws_route53_zone.main.id}"
-  records  = ["${aws_acm_certificate.cert.domain_validation_options.0.resource_record_value}"]
+  provider = aws.cloudfront
+  name     = aws_acm_certificate.cert.domain_validation_options[0].resource_record_name
+  type     = aws_acm_certificate.cert.domain_validation_options[0].resource_record_type
+  zone_id  = data.aws_route53_zone.main.id
+  records  = [aws_acm_certificate.cert.domain_validation_options[0].resource_record_value]
   ttl      = 60
 }
 
 resource "aws_acm_certificate_validation" "cert" {
-  provider                = "aws.cloudfront"
-  certificate_arn         = "${aws_acm_certificate.cert.arn}"
-  validation_record_fqdns = ["${aws_route53_record.cert_validation.fqdn}"]
+  provider                = aws.cloudfront
+  certificate_arn         = aws_acm_certificate.cert.arn
+  validation_record_fqdns = [aws_route53_record.cert_validation.fqdn]
 }
 
-
 # Route 53 record for the static site
 
 data "aws_route53_zone" "main" {
-  provider     = "aws.main"
-  name         = "${var.cookieDomain}"
+  provider     = aws.main
+  name         = var.cookieDomain
   private_zone = false
 }
 
 resource "aws_route53_record" "web" {
-  provider = "aws.main"
-  zone_id  = "${data.aws_route53_zone.main.zone_id}"
-  name     = "${var.fqdn}"
+  provider = aws.main
+  zone_id  = data.aws_route53_zone.main.zone_id
+  name     = var.fqdn
   type     = "A"
 
   alias {
-    name    = "${module.main.cf_domain_name}"
-    zone_id = "${module.main.cf_hosted_zone_id}"
+    name                   = module.main.cf_domain_name
+    zone_id                = module.main.cf_hosted_zone_id
     evaluate_target_health = false
   }
 }
+
diff --git a/example/main.tf b/example/main.tf
@@ -2,33 +2,33 @@ module "lambda" {
   source = "../"
 
   # default key is "config.json"
-  bucketName = "${var.bucketName}"
-  bucketKey = "${var.bucketKey}"
-  cookieDomain = "${var.cookieDomain}"
+  bucketName   = var.bucketName
+  bucketKey    = var.bucketKey
+  cookieDomain = var.cookieDomain
 }
 
-
 module "main" {
-  // PR for lambda enabled need to merged
-//    source = "../../terraform-aws-s3-cloudfront-website"
-  source = "/Users/capitant/working/terraform-aws-s3-cloudfront-website"
+  source = "../../terraform-aws-s3-cloudfront-website"
+
+  //  source = "/Users/capitant/working/terraform-aws-s3-cloudfront-website"
 
-  fqdn = "${var.fqdn}"
-  ssl_certificate_arn = "${aws_acm_certificate_validation.cert.certificate_arn}"
-  allowed_ips = "${var.allowed_ips}"
+  fqdn                = var.fqdn
+  ssl_certificate_arn = aws_acm_certificate_validation.cert.certificate_arn
+  allowed_ips         = var.allowed_ips
 
   index_document = "index.html"
   error_document = "404.html"
 
-  refer_secret = "${base64sha512("REFER-SECRET-19265125-${var.fqdn}-52865926")}"
+  refer_secret = base64sha512("REFER-SECRET-19265125-${var.fqdn}-52865926")
 
   force_destroy = "true"
 
-  providers {
-    "aws.main" = "aws.main"
-    "aws.cloudfront" = "aws.cloudfront"
+  providers = {
+    aws.main       = aws.main
+    aws.cloudfront = aws.cloudfront
   }
 
-  lambda_edge_enabled = "true"
+  lambda_edge_enabled     = "true"
   lambda_edge_arn_version = "${module.lambda.arn}:${module.lambda.version}"
 }
+
diff --git a/example/outputs.tf b/example/outputs.tf
@@ -1,23 +1,24 @@
 output "s3_domain" {
-  value = "${module.main.s3_website_endpoint}"
+  value = module.main.s3_website_endpoint
 }
 
 output "cloudfront_domain" {
-  value = "${module.main.cf_domain_name}"
+  value = module.main.cf_domain_name
 }
 
 output "cloudfront_hosted_zone_id" {
-  value = "${module.main.cf_hosted_zone_id}"
+  value = module.main.cf_hosted_zone_id
 }
 
 output "cloudfront_distribution_id" {
-  value = "${module.main.cf_distribution_id}"
+  value = module.main.cf_distribution_id
 }
 
 output "route53_fqdn" {
-  value = "${aws_route53_record.web.fqdn}"
+  value = aws_route53_record.web.fqdn
 }
 
 output "acm_certificate_arn" {
-  value = "${aws_acm_certificate_validation.cert.certificate_arn}"
+  value = aws_acm_certificate_validation.cert.certificate_arn
 }
+
diff --git a/example/providers.tf b/example/providers.tf
@@ -1,13 +1,26 @@
+variable "region" {
+  description = "fix region empty issue of terraform v12"
+  type        = string
+  default     = "us-east-1"
+}
+
 # AWS Region for S3 and other resources
 provider "aws" {
+//  region = "us-east-1"
   region = "us-west-2"
-  alias = "main"
+  alias  = "main"
+  version = "~> 2.9"
 }
 
-
 # AWS Region for Cloudfront (ACM certs only supports us-east-1)
 provider "aws" {
   region = "us-east-1"
-  alias = "cloudfront"
+  alias  = "cloudfront"
+  version = "~> 2.9"
 }
 
+
+
+provider "aws" {
+  region = var.region
+}
diff --git a/example/s3_access.tf b/example/s3_access.tf
@@ -1,5 +1,7 @@
 resource "aws_s3_bucket_object" "object" {
-  bucket = "${var.bucketName}"
-  key    = "${var.bucketKey}"
+  bucket = var.bucketName
+  key    = var.bucketKey
   source = "${path.module}/config.json"
+  provider = aws.main
 }
+
diff --git a/example/vars.tf b/example/vars.tf
@@ -11,12 +11,12 @@ variable "cookieDomain" {
 
 # Allowed IPs that can directly access the S3 bucket
 variable "allowed_ips" {
-  type = "list"
-  default = [ "0.0.0.0/0" ]
+  type    = list(string)
+  default = ["0.0.0.0/0"]
 }
 
 variable "bucketName" {
-  default = "mysite.htaccess"
+  default = "mysite.htaccess2"
 }
 
 variable "bucketKey" {
@@ -30,3 +30,4 @@ variable "lambda_basic_username" {
 variable "lambda_basic_password" {
   default = "test"
 }
+
diff --git a/example/versions.tf b/example/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/main.tf b/main.tf
@@ -1,15 +1,21 @@
-resource "template_file" "this" {
-  template = "${file("${path.module}/src/params.json")}"
-
-  vars {
-    BUCKET_NAME = "${var.bucketName}"
-    BUCKET_KEY = "${var.bucketKey}"
-    COOKIE_DOMAIN = "${var.cookieDomain}"
-  }
-}
+//resource "template_file" "this" {
+//  template = file("${path.module}/src/params.json")
+//
+//  vars = {
+//    BUCKET_NAME   = var.bucketName
+//    BUCKET_KEY    = var.bucketKey
+//    COOKIE_DOMAIN = var.cookieDomain
+//  }
+//}
 
 resource "local_file" "params" {
-  content = "${template_file.this.rendered}"
+//  content  = template_file.this.rendered
+  content = templatefile("${path.module}/src/params.json", {
+        BUCKET_NAME   = var.bucketName
+        BUCKET_KEY    = var.bucketKey
+        COOKIE_DOMAIN = var.cookieDomain
+  })
+
   filename = "${path.module}/.archive/params.json"
 }
 
@@ -18,33 +24,34 @@ data "local_file" "mainjs" {
 }
 
 resource "local_file" "mainjs" {
-  content = "${data.local_file.mainjs.content}"
+  content  = data.local_file.mainjs.content
   filename = "${path.module}/.archive/main.js"
 }
 
 data "archive_file" "this" {
   depends_on = [
-    "local_file.params",
-    "local_file.mainjs"
+    local_file.params,
+    local_file.mainjs,
   ]
 
-  type = "zip"
+  type        = "zip"
   output_path = "${path.module}/.archive.zip"
-  source_dir = "${path.module}/.archive"
+  source_dir  = "${path.module}/.archive"
 }
 
 resource "aws_lambda_function" "this" {
   description = "Basic HTTP authentication module/function"
-  role = "${aws_iam_role.this.arn}"
-  runtime = "nodejs8.10"
+  role        = aws_iam_role.this.arn
+  runtime     = "nodejs8.10"
 
-  filename = "${data.archive_file.this.output_path}"
-  source_code_hash = "${data.archive_file.this.output_base64sha256}"
+  filename         = data.archive_file.this.output_path
+  source_code_hash = data.archive_file.this.output_base64sha256
 
-  function_name = "${var.name}"
-  handler = "main.handler"
+  function_name = var.name
+  handler       = "main.handler"
 
-  timeout = "${var.fn_timeout}"
-  memory_size = "${var.fn_memory_size}"
-  publish = true
+  timeout     = var.fn_timeout
+  memory_size = var.fn_memory_size
+  publish     = true
 }
+
diff --git a/outputs.tf b/outputs.tf
@@ -1,23 +1,24 @@
 output "fn_name" {
-  value = "${aws_lambda_function.this.function_name}"
+  value = aws_lambda_function.this.function_name
 }
 
 output "arn" {
-  value = "${aws_lambda_function.this.arn}"
+  value = aws_lambda_function.this.arn
 }
 
 output "qualified_arn" {
-  value = "${aws_lambda_function.this.qualified_arn}"
+  value = aws_lambda_function.this.qualified_arn
 }
 
 output "invoke_arn" {
-  value = "${aws_lambda_function.this.invoke_arn}"
+  value = aws_lambda_function.this.invoke_arn
 }
 
 output "id" {
-  value = "${aws_lambda_function.this.id}"
+  value = aws_lambda_function.this.id
 }
 
 output "version" {
-  value = "${aws_lambda_function.this.version}"
+  value = aws_lambda_function.this.version
 }
+
diff --git a/sts_role.tf b/sts_role.tf
@@ -32,16 +32,16 @@ data "aws_iam_policy_document" "this" {
     ]
 
     resources = [
-      "arn:aws:logs:*:*:*"
+      "arn:aws:logs:*:*:*",
     ]
   }
 
   statement {
     actions = [
-      "s3:GetObject"
+      "s3:GetObject",
     ]
     resources = [
-      "arn:aws:s3:::${var.bucketName}/*"
+      "arn:aws:s3:::${var.bucketName}/*",
     ]
   }
 
@@ -53,18 +53,19 @@ data "aws_iam_policy_document" "this" {
     ]
 
     resources = [
-      "${aws_lambda_function.this.arn}",
+      aws_lambda_function.this.arn,
     ]
   }
 }
 
 resource "aws_iam_role_policy" "this" {
-  name   = "${var.name}"
-  role   = "${aws_iam_role.this.id}"
-  policy = "${data.aws_iam_policy_document.this.json}"
+  name   = var.name
+  role   = aws_iam_role.this.id
+  policy = data.aws_iam_policy_document.this.json
 }
 
 resource "aws_iam_role" "this" {
-  name               = "${var.name}"
-  assume_role_policy = "${data.aws_iam_policy_document.sts.json}"
+  name               = var.name
+  assume_role_policy = data.aws_iam_policy_document.sts.json
 }
+
diff --git a/vars.tf b/vars.tf
@@ -15,9 +15,11 @@ variable "fn_memory_size" {
 variable "bucketName" {
 }
 
-variable "cookieDomain" {}
+variable "cookieDomain" {
+}
 
 #lambda config key
 variable "bucketKey" {
   default = "config.json"
 }
+
diff --git a/versions.tf b/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}