From 04c81dfb42821973eebf822e93c1734b8d0b2faa Mon Sep 17 00:00:00 2001 From: Oanh Nguyen Date: Thu, 19 Sep 2024 23:24:40 +0700 Subject: [PATCH] Fix tflint --- .tflint.hcl | 3 ++- modules/ecs-task-role/main.tf | 6 +++--- modules/execution-role/README.md | 3 --- modules/execution-role/main.tf | 7 ------- 4 files changed, 5 insertions(+), 14 deletions(-) diff --git a/.tflint.hcl b/.tflint.hcl index 562e2b4..53e6120 100644 --- a/.tflint.hcl +++ b/.tflint.hcl @@ -1,4 +1,5 @@ plugin "aws" { enabled = true - preset = "recommended" + version = "0.33.0" + source = "github.com/terraform-linters/tflint-ruleset-aws" } diff --git a/modules/ecs-task-role/main.tf b/modules/ecs-task-role/main.tf index 60d7b33..ebaf59d 100644 --- a/modules/ecs-task-role/main.tf +++ b/modules/ecs-task-role/main.tf @@ -10,8 +10,8 @@ # - sends application logs to CloudWatch Logs locals { - s3_arns = compact(distinct(concat(var.writable_s3_arns, var.readable_s3_arns))) - aws_ssm_managed_instance_core_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore" + s3_arns = compact(distinct(concat(var.writable_s3_arns, var.readable_s3_arns))) + ssm_managed_instance_core_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore" } data "aws_iam_policy_document" "policy" { @@ -117,7 +117,7 @@ module "this" { ] custom_role_policy_arns = compact([ - var.enable_ssm_core_policy ? locals.ssm_managed_instance_core_arn : "", + var.enable_ssm_core_policy ? local.ssm_managed_instance_core_arn : "", module.policy.arn, ]) diff --git a/modules/execution-role/README.md b/modules/execution-role/README.md index 520b114..ef265ab 100644 --- a/modules/execution-role/README.md +++ b/modules/execution-role/README.md @@ -51,11 +51,8 @@ No modules. | [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | | [aws_iam_role_policy.custom](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | | [aws_iam_role_policy_attachment.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | | [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_iam_policy_document.custom](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | ## Inputs diff --git a/modules/execution-role/main.tf b/modules/execution-role/main.tf index 73ab7bf..ed40963 100644 --- a/modules/execution-role/main.tf +++ b/modules/execution-role/main.tf @@ -3,14 +3,7 @@ # https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html ################################################################################ -data "aws_region" "current" {} -data "aws_partition" "current" {} -data "aws_caller_identity" "current" {} - locals { - account_id = data.aws_caller_identity.current.account_id - partition = data.aws_partition.current.partition - region = data.aws_region.current.name name_prefix = "${trimsuffix(var.name)}-" create_custom_policy = var.create && length(var.statements) > 0