From 7596b3aab1a448f9e80c3090caa3cab7b95fea31 Mon Sep 17 00:00:00 2001 From: Manjunath PV Date: Wed, 27 Sep 2023 09:47:10 +0530 Subject: [PATCH 1/2] update version change for aws provider --- CHANGELOG.md | 5 +++++ covalent_ecs_plugin/assets/infra/networking.tf | 2 +- covalent_ecs_plugin/assets/infra/versions.tf | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3754f58..8cae3b3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [UNRELEASED] +### Changed + +- Updated the terraform provider version for AWS to 5.17.0 (ecs plugin) +- Disabled `enable_nat_gateway` on the vpc module, since it was throwing error from the respective module + ## [0.31.0] - 2023-09-20 ### Changed diff --git a/covalent_ecs_plugin/assets/infra/networking.tf b/covalent_ecs_plugin/assets/infra/networking.tf index b837dfb..b9c1322 100644 --- a/covalent_ecs_plugin/assets/infra/networking.tf +++ b/covalent_ecs_plugin/assets/infra/networking.tf @@ -29,7 +29,7 @@ module "vpc" { ] private_subnets = [] - enable_nat_gateway = true + enable_nat_gateway = false single_nat_gateway = false enable_dns_hostnames = true } diff --git a/covalent_ecs_plugin/assets/infra/versions.tf b/covalent_ecs_plugin/assets/infra/versions.tf index fc6975c..c456a75 100644 --- a/covalent_ecs_plugin/assets/infra/versions.tf +++ b/covalent_ecs_plugin/assets/infra/versions.tf @@ -18,7 +18,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 4.23" + version = "5.17.0" } } } From c54dd2b978472d0101c20d7ff68a21e29e82a860 Mon Sep 17 00:00:00 2001 From: Manjunath PV Date: Wed, 27 Sep 2023 10:22:17 +0530 Subject: [PATCH 2/2] minor modification on S3 bucket ACL --- CHANGELOG.md | 3 +++ covalent_ecs_plugin/assets/infra/main.tf | 13 +++++++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8cae3b3..76890d4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Updated the terraform provider version for AWS to 5.17.0 (ecs plugin) - Disabled `enable_nat_gateway` on the vpc module, since it was throwing error from the respective module +### Added +- Added ownership controls for S3 bucket for supporting S3 bucket ACL + ## [0.31.0] - 2023-09-20 ### Changed diff --git a/covalent_ecs_plugin/assets/infra/main.tf b/covalent_ecs_plugin/assets/infra/main.tf index 8c878ad..30a6452 100644 --- a/covalent_ecs_plugin/assets/infra/main.tf +++ b/covalent_ecs_plugin/assets/infra/main.tf @@ -23,9 +23,18 @@ resource "aws_s3_bucket" "bucket" { force_destroy = true } -resource "aws_s3_bucket_acl" "bucket_acl" { +resource "aws_s3_bucket_ownership_controls" "ownership_controls" { bucket = aws_s3_bucket.bucket.id - acl = "private" + + rule { + object_ownership = "BucketOwnerPreferred" + } +} + +resource "aws_s3_bucket_acl" "bucket_acl" { + depends_on = [aws_s3_bucket_ownership_controls.ownership_controls] + bucket = aws_s3_bucket.bucket.id + acl = "private" } resource "aws_ecr_repository" "ecr_repository" {