From ece5d225058812595f1b02c086f86da9d35a6bec Mon Sep 17 00:00:00 2001
From: boris-dyga-SM <123933753+boris-dyga-SM@users.noreply.github.com>
Date: Thu, 1 Feb 2024 22:27:52 +0200
Subject: [PATCH] The access token is now passed in a http header (#83)

This is done to avoid exposure as the data.http.id (which contains
the URL) in the logs.
---
 .gitignore                       |  4 ++++
 README.md                        |  2 +-
 docs/terraform.md                |  2 +-
 modules/conformance-pack/main.tf | 10 ++--------
 4 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/.gitignore b/.gitignore
index f123b94..18f2e5f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,3 +18,7 @@
 # Crash log files
 crash.log
 test.log
+
+# MacOS service files
+.DS_Store
+
diff --git a/README.md b/README.md
index 2dbd863..db3a440 100644
--- a/README.md
+++ b/README.md
@@ -115,7 +115,7 @@ Available targets:
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.33.0 |
 
 ## Modules
 
diff --git a/docs/terraform.md b/docs/terraform.md
index f5aad10..2dde5f7 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -11,7 +11,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.33.0 |
 
 ## Modules
 
diff --git a/modules/conformance-pack/main.tf b/modules/conformance-pack/main.tf
index 9aaa500..f7b8cf9 100644
--- a/modules/conformance-pack/main.tf
+++ b/modules/conformance-pack/main.tf
@@ -13,13 +13,7 @@ resource "aws_config_conformance_pack" "default" {
 }
 
 data "http" "conformance_pack" {
-  /*
-  To access a public GitHub repo the following URL is used:
-    https://raw.githubusercontent.com/<owner>/<repo>/<branch>/<path_to_file>
-  
-  To access a private GitHub repo an access token with appropriate permissions should be generated first and then provided in the url:
-    https://<private_access_token>@raw.githubusercontent.com/<owner>/<repo>/<branch>/<path_to_file>
-  */
 
-  url = var.access_token == "" ? var.conformance_pack : "${split("://", var.conformance_pack)[0]}://${var.access_token}@${split("://", var.conformance_pack)[1]}"
+  url             = var.conformance_pack
+  request_headers = var.access_token == "" ? {} : { Authorization = "token ${var.access_token}" }
 }