From bbb71af464d763bec3497f6449bd2fc7705ba7ff Mon Sep 17 00:00:00 2001
From: Prasanth Kommini
Date: Wed, 21 Jun 2023 16:20:14 -0700
Subject: [PATCH 1/3] Add acl only if bucketOnwerPreferred
---
 s3.tf | 1 +
 variables.tf | 1 +
 2 files changed, 2 insertions(+)
diff --git a/s3.tf b/s3.tf
index 5c5f965..e053158 100644
--- a/s3.tf
+++ b/s3.tf
@@ -11,6 +11,7 @@ resource "aws_s3_bucket_ownership_controls" "geff_bucket_ownership_controls" {
 }
 resource "aws_s3_bucket_acl" "geff_bucket_acl" {
+ count = var.bucket_object_ownership_settings == "BucketOwnerPreferred" ? 1 : 0
 bucket = aws_s3_bucket.geff_bucket.id
 acl = "private"
diff --git a/variables.tf b/variables.tf
index a402116..8b762bd 100644
--- a/variables.tf
+++ b/variables.tf
@@ -46,6 +46,7 @@ variable "bucket_object_ownership_settings" {
 default = "BucketOwnerEnforced"
 }
+
 data "aws_caller_identity" "current" {}
 data "aws_region" "current" {}
 data "aws_partition" "current" {}
From 0ad3af3ddb148ee10ccf33b35fce74bb85c35517 Mon Sep 17 00:00:00 2001
From: Prasanth Kommini
Date: Wed, 21 Jun 2023 16:24:13 -0700
Subject: [PATCH 2/3] Add acl only if bucketOnwerPreferred
---
 examples/complete/versions.tf | 2 +-
 storage_integration.tf | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
index 6f566b4..c9ecef4 100644
--- a/examples/complete/versions.tf
+++ b/examples/complete/versions.tf
@@ -1,5 +1,5 @@
 terraform {
- required_version = "~> 1.4.4"
+ required_version = ">= 1.4.4"
 required_providers {
 aws = {
diff --git a/storage_integration.tf b/storage_integration.tf
index ae466c0..b08bd19 100644
--- a/storage_integration.tf
+++ b/storage_integration.tf
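Review bot: In the s3.tf hunk of patch 1/3, the new `count` on `aws_s3_bucket_acl.geff_bucket_acl` tests only for `"BucketOwnerPreferred"`, but `ObjectWriter` also leaves ACLs enabled, and a misspelled value silently skips the resource; no validation on `bucket_object_ownership_settings` is visible in the variables.tf hunk. Keying the condition on the one value that disables ACLs is tighter: `count = var.bucket_object_ownership_settings != "BucketOwnerEnforced" ? 1 : 0`, ideally together with a `validation` block restricting the variable to the three accepted values. Adding `count` also moves the resource address to `aws_s3_bucket_acl.geff_bucket_acl[0]`, so any reference to it elsewhere in the module needs the index. The resource block continues past the hunk, so whether it carries `depends_on = [aws_s3_bucket_ownership_controls.geff_bucket_ownership_controls]` cannot be seen here; without it the ACL call can fail if it runs before the ownership controls are applied.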
@@ -19,6 +19,7 @@ resource "snowflake_storage_integration" "this" {
 storage_aws_role_arn = "arn:${var.arn_format}:iam::${local.account_id}:role/${local.s3_reader_role_name}"
 }
+
 resource "snowflake_integration_grant" "this" {
 provider = snowflake.storage_integration_role
 integration_name = snowflake_storage_integration.this.name
From 297caa5bc2a9f493e8a4e6276b63008bbabe7d9a Mon Sep 17 00:00:00 2001
From: Prasanth Kommini
Date: Wed, 21 Jun 2023 16:26:24 -0700
Subject: [PATCH 3/3] Add acl only if bucketOnwerPreferred
---
 examples/complete/versions.tf | 2 +-
 storage_integration.tf | 1 -
 2 files changed, 1 insertion(+), 2 deletions(-)
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
index c9ecef4..616d4b5 100644
--- a/examples/complete/versions.tf
+++ b/examples/complete/versions.tf
@@ -1,5 +1,5 @@
 terraform {
- required_version = ">= 1.4.4"
+ required_version = ">= 1.4.6"
 required_providers {
 aws = {
diff --git a/storage_integration.tf b/storage_integration.tf
index b08bd19..ae466c0 100644
--- a/storage_integration.tf
+++ b/storage_integration.tf
@@ -19,7 +19,6 @@ resource "snowflake_storage_integration" "this" {
 storage_aws_role_arn = "arn:${var.arn_format}:iam::${local.account_id}:role/${local.s3_reader_role_name}"
 }
-
 resource "snowflake_integration_grant" "this" {
 provider = snowflake.storage_integration_role
 integration_name = snowflake_storage_integration.this.name