Support AWS Provider V5

.github/workflows/release-branch.yml

@@ -10,6 +10,7 @@ on:
       - 'docs/**'
       - 'examples/**'
       - 'test/**'
+      - 'README.*'
 
 permissions:
   contents: write

.github/workflows/release-published.yml

@@ -11,4 +11,4 @@ permissions:
 
 jobs:
   terraform-module:
-    uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release.yml@main
+    uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release-published.yml@main

README.md

@@ -436,15 +436,15 @@ Available targets:
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.64.0, != 4.0.0, != 4.1.0, != 4.2.0, != 4.3.0, != 4.4.0, != 4.5.0, != 4.6.0, != 4.7.0, != 4.8.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >= 2.2 |
 | <a name="requirement_time"></a> [time](#requirement\_time) | >= 0.7 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.64.0, != 4.0.0, != 4.1.0, != 4.2.0, != 4.3.0, != 4.4.0, != 4.5.0, != 4.6.0, != 4.7.0, != 4.8.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
 | <a name="provider_random"></a> [random](#provider\_random) | >= 2.2 |
 | <a name="provider_time"></a> [time](#provider\_time) | >= 0.7 |
 
@@ -453,7 +453,7 @@ Available targets:
 | Name | Source | Version |
 |------|--------|---------|
 | <a name="module_dns"></a> [dns](#module\_dns) | cloudposse/route53-alias/aws | 0.13.0 |
-| <a name="module_logs"></a> [logs](#module\_logs) | cloudposse/s3-log-storage/aws | 0.26.0 |
+| <a name="module_logs"></a> [logs](#module\_logs) | cloudposse/s3-log-storage/aws | 1.4.0 |
 | <a name="module_origin_label"></a> [origin\_label](#module\_origin\_label) | cloudposse/label/null | 0.25.0 |
 | <a name="module_this"></a> [this](#module\_this) | cloudposse/label/null | 0.25.0 |
 

docs/terraform.md

@@ -4,15 +4,15 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.64.0, != 4.0.0, != 4.1.0, != 4.2.0, != 4.3.0, != 4.4.0, != 4.5.0, != 4.6.0, != 4.7.0, != 4.8.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >= 2.2 |
 | <a name="requirement_time"></a> [time](#requirement\_time) | >= 0.7 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.64.0, != 4.0.0, != 4.1.0, != 4.2.0, != 4.3.0, != 4.4.0, != 4.5.0, != 4.6.0, != 4.7.0, != 4.8.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
 | <a name="provider_random"></a> [random](#provider\_random) | >= 2.2 |
 | <a name="provider_time"></a> [time](#provider\_time) | >= 0.7 |
 
@@ -21,7 +21,7 @@
 | Name | Source | Version |
 |------|--------|---------|
 | <a name="module_dns"></a> [dns](#module\_dns) | cloudposse/route53-alias/aws | 0.13.0 |
-| <a name="module_logs"></a> [logs](#module\_logs) | cloudposse/s3-log-storage/aws | 0.26.0 |
+| <a name="module_logs"></a> [logs](#module\_logs) | cloudposse/s3-log-storage/aws | 1.4.0 |
 | <a name="module_origin_label"></a> [origin\_label](#module\_origin\_label) | cloudposse/label/null | 0.25.0 |
 | <a name="module_this"></a> [this](#module\_this) | cloudposse/label/null | 0.25.0 |
 

examples/complete/deployment.tf

@@ -7,7 +7,7 @@ locals {
   } : {}
 
   our_account_id            = local.enabled ? data.aws_caller_identity.current[0].account_id : ""
-  our_role_arn_prefix       = "arn:${join("", data.aws_partition.current.*.partition)}:iam::${local.our_account_id}:role"
+  our_role_arn_prefix       = "arn:${join("", data.aws_partition.current[*].partition)}:iam::${local.our_account_id}:role"
   role_names                = { for k, v in local.test_deployment_role_prefix_map : k => module.role_labels[k].id }
   deployment_principal_arns = { for k, v in local.role_names : format("%v/%v", local.our_role_arn_prefix, v) => local.test_deployment_role_prefix_map[k] }
 }

examples/complete/main.tf

@@ -20,7 +20,7 @@ data "aws_iam_policy_document" "document" {
 
     actions = ["s3:GetObject"]
     resources = [
-      "arn:${join("", data.aws_partition.current.*.partition)}:s3:::$${bucket_name}$${origin_path}testprefix/*"
+      "arn:${join("", data.aws_partition.current[*].partition)}:s3:::$${bucket_name}$${origin_path}testprefix/*"
     ]
 
     principals {
@@ -36,7 +36,7 @@ data "aws_canonical_user_id" "current" {
 
 module "s3_bucket" {
   source  = "cloudposse/s3-bucket/aws"
-  version = "0.36.0"
+  version = "3.1.2"
 
   acl                = null
   force_destroy      = true
@@ -105,7 +105,7 @@ module "cloudfront_s3_cdn" {
   context = module.this.context
 }
 
-resource "aws_s3_bucket_object" "index" {
+resource "aws_s3_object" "index" {
   count = local.enabled ? 1 : 0
 
   bucket       = module.cloudfront_s3_cdn.s3_bucket

examples/complete/s3-origins.tf

@@ -29,7 +29,7 @@ locals {
 
 module "additional_s3_origin" {
   source  = "cloudposse/s3-bucket/aws"
-  version = "0.39.0"
+  version = "3.1.2"
   enabled = local.additional_s3_origins_enabled
 
   acl                = "private"
@@ -43,7 +43,7 @@ module "additional_s3_origin" {
 
 module "additional_s3_failover_origin" {
   source  = "cloudposse/s3-bucket/aws"
-  version = "0.39.0"
+  version = "3.1.2"
   enabled = local.additional_s3_origins_enabled
 
   acl                = "private"

examples/complete/versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 3.0"
+      version = ">= 5.0"
     }
   }
 }

main.tf

@@ -133,13 +133,13 @@ resource "random_password" "referer" {
 data "aws_iam_policy_document" "s3_origin" {
   count = local.s3_origin_enabled ? 1 : 0
 
-  override_json = local.override_policy
+  override_policy_documents = [local.override_policy]
 
   statement {
     sid = "S3GetObjectForCloudFront"
 
     actions   = ["s3:GetObject"]
-    resources = ["arn:${join("", data.aws_partition.current.*.partition)}:s3:::${local.bucket}${local.origin_path}*"]
+    resources = ["arn:${join("", data.aws_partition.current[*].partition)}:s3:::${local.bucket}${local.origin_path}*"]
 
     principals {
       type        = "AWS"
@@ -151,7 +151,7 @@ data "aws_iam_policy_document" "s3_origin" {
     sid = "S3ListBucketForCloudFront"
 
     actions   = ["s3:ListBucket"]
-    resources = ["arn:${join("", data.aws_partition.current.*.partition)}:s3:::${local.bucket}"]
+    resources = ["arn:${join("", data.aws_partition.current[*].partition)}:s3:::${local.bucket}"]
 
     principals {
       type        = "AWS"
@@ -163,13 +163,13 @@ data "aws_iam_policy_document" "s3_origin" {
 data "aws_iam_policy_document" "s3_website_origin" {
   count = local.website_enabled ? 1 : 0
 
-  override_json = local.override_policy
+  override_policy_documents = [local.override_policy]
 
   statement {
     sid = "S3GetObjectForCloudFront"
 
     actions   = ["s3:GetObject"]
-    resources = ["arn:${join("", data.aws_partition.current.*.partition)}:s3:::${local.bucket}${local.origin_path}*"]
+    resources = ["arn:${join("", data.aws_partition.current[*].partition)}:s3:::${local.bucket}${local.origin_path}*"]
 
     principals {
       type        = "AWS"
@@ -233,9 +233,9 @@ data "aws_iam_policy_document" "combined" {
   count = local.enabled ? 1 : 0
 
   source_policy_documents = compact(concat(
-    data.aws_iam_policy_document.s3_origin.*.json,
-    data.aws_iam_policy_document.s3_website_origin.*.json,
-    data.aws_iam_policy_document.s3_ssl_only.*.json,
+    data.aws_iam_policy_document.s3_origin[*].json,
+    data.aws_iam_policy_document.s3_website_origin[*].json,
+    data.aws_iam_policy_document.s3_ssl_only[*].json,
     values(data.aws_iam_policy_document.deployment)[*].json
   ))
 }
@@ -244,7 +244,7 @@ resource "aws_s3_bucket_policy" "default" {
   count = local.create_s3_origin_bucket || local.override_origin_bucket_policy ? 1 : 0
 
   bucket = local.origin_bucket.bucket
-  policy = join("", data.aws_iam_policy_document.combined.*.json)
+  policy = join("", data.aws_iam_policy_document.combined[*].json)
 }
 
 resource "aws_s3_bucket" "origin" {
@@ -256,7 +256,7 @@ resource "aws_s3_bucket" "origin" {
   count = local.create_s3_origin_bucket ? 1 : 0
 
   bucket        = module.origin_label.id
-  acl           = "private"
+  aws_s3_bucket_acl           = "private"
   tags          = module.origin_label.tags
   force_destroy = var.origin_force_destroy
 
@@ -342,7 +342,7 @@ resource "time_sleep" "wait_for_aws_s3_bucket_settings" {
 
 module "logs" {
   source                   = "cloudposse/s3-log-storage/aws"
-  version                  = "0.26.0"
+  version                  = "1.4.1"
   enabled                  = local.create_cf_log_bucket
   attributes               = var.extra_logs_attributes
   lifecycle_prefix         = local.cloudfront_access_log_prefix

modules/lambda@edge/versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 3.0"
+      version = ">= 5.0"
     }
     time = {
       source  = "hashicorp/time"

outputs.tf

@@ -34,7 +34,7 @@ output "cf_identity_iam_arn" {
 }
 
 output "cf_origin_groups" {
-  value       = try(flatten(aws_cloudfront_distribution.default.*.origin_group), [])
+  value       = try(flatten(aws_cloudfront_distribution.default[*].origin_group), [])
   description = "List of Origin Groups in the CloudFront distribution."
 }
 
@@ -44,7 +44,7 @@ output "cf_primary_origin_id" {
 }
 
 output "cf_origin_ids" {
-  value       = try(aws_cloudfront_distribution.default[0].origin.*.origin_id, [])
+  value       = try(aws_cloudfront_distribution.default[0].origin[*].origin_id, [])
   description = "List of Origin IDs in the CloudFront distribution."
 }
 
@@ -69,7 +69,7 @@ output "s3_bucket_arn" {
 }
 
 output "s3_bucket_policy" {
-  value       = join("", aws_s3_bucket_policy.default.*.policy)
+  value       = join("", aws_s3_bucket_policy.default[*].policy)
   description = "Final computed S3 bucket policy"
 }
 

versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 3.64.0, != 4.0.0, != 4.1.0, != 4.2.0, != 4.3.0, != 4.4.0, != 4.5.0, != 4.6.0, != 4.7.0, != 4.8.0"
+      version = ">= 5.0"
     }
     random = {
       source  = "hashicorp/random"