Fix: Deployment Principal ARNs #164
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…e bucket policy JSON will be invalid.
…y and there is a check for its length in locals{} that assumes it is empty by default, but it is not empty by default.
… AWS i.e. when s3_access_log_bucket_name is true as a result of acm_certificate_arn being unset.
…loyment_principal_arns.
korenyoni
requested review from
Gowiem and
brcnblc
and removed request for
a team
…/terraform-aws-cloudfront-s3-cdn into fix/deployment-principal-arns
|
/test all |
…/terraform-aws-cloudfront-s3-cdn into fix/deployment-principal-arns
jamengual
previously approved these changes
May 14, 2021
Nuru
previously requested changes
May 14, 2021
…ed testing domain.
…/terraform-aws-cloudfront-s3-cdn into fix/deployment-principal-arns
mergify
bot
dismissed
Nuru’s stale review
This Pull Request has been updated, so we're dismissing all reviews.
… limitations of var.acm_certificate_arn being unset in variables.tf.
|
/test all |
|
Tests are currently stuck in queued due to a GitHub Actions incident |
|
/test all |
|
Will need to remove validation due to Terraform version used in tests being too old for functions used in validation block. |
…form version being used in automated Terratest testing.
…/terraform-aws-cloudfront-s3-cdn into fix/deployment-principal-arns
|
/test all |
|
/test all |
…that the validation is removed.
|
/test all |
|
/test all |
Nuru
force-pushed
the
fix/deployment-principal-arns
branch
from
68ab714 to
c286551
Compare
|
/test all |
Nuru
previously approved these changes
May 17, 2021
|
@Nuru thank you — yes it does seem better to programatically handle the leading slash and not have the user deal with it. I just fixed a couple of typos in |
|
/test all |
korenyoni
commented
May 17, 2021
| formatlist("${local.origin_bucket.arn}%s*", each.value), | ||
| resources = distinct(flatten([ | ||
| [local.origin_bucket.arn], | ||
| formatlist("${local.origin_bucket.arn}/%s*", each.value), |
There was a problem hiding this comment.
This is a better way of ensuring the bucket policy is valid, as we're handling the slash programatically now instead of deferring it to the user.
aknysh
approved these changes
May 17, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
what
deployment_principal_arnsdeployment_principal_arns— otherwise an error occurs when comparing types.Fix snippet: all prefixes must begin in forward slash or otherwise the bucket policy JSON will be invalid.(misc)
Fix typo in tfvars fixtures in example.why
deployment_principal_arnswas not working andexamples/completewas not testing for itreferences