Upgrade Terraform AWS provider to v4.x (#291)

ofhouse · web-flow · commit 9f453baed4d2 · 2022-04-07T19:22:12.000+02:00
* Rewrite S3 resources

* Update external modules

* Update deprecated resource

* Ensure 4.8 is displayed as minimum version in docs
diff --git a/README.md b/README.md
@@ -113,7 +113,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 3.0"
+      version = "~> 4.0"
     }
   }
 }
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 3.0"
+      version = "~> 4.0"
     }
   }
 }
diff --git a/examples/next-image/main.tf b/examples/next-image/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 3.0"
+      version = "~> 4.0"
     }
   }
 }
diff --git a/examples/static/main.tf b/examples/static/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 3.0"
+      version = "~> 4.0"
     }
   }
 }
diff --git a/examples/with-custom-domain/main.tf b/examples/with-custom-domain/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 3.0"
+      version = "~> 4.0"
     }
   }
 }
diff --git a/examples/with-existing-cloudfront/main.tf b/examples/with-existing-cloudfront/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 3.0"
+      version = "~> 4.0"
     }
   }
 }
diff --git a/main.tf b/main.tf
@@ -148,7 +148,7 @@ module "next_image" {
   count = var.create_image_optimization ? 1 : 0
 
   source  = "milliHQ/next-js-image-optimization/aws"
-  version = "~> 12.0.10"
+  version = ">= 12.1.0"
 
   cloudfront_create_distribution = false
 
diff --git a/modules/cloudfront-proxy-config/main.tf b/modules/cloudfront-proxy-config/main.tf
@@ -10,11 +10,15 @@ locals {
 
 resource "aws_s3_bucket" "proxy_config_store" {
   bucket_prefix = "${var.deployment_name}-tfn-config"
-  acl           = "private"
   force_destroy = true
   tags          = merge(var.tags, var.tags_s3_bucket)
 }
 
+resource "aws_s3_bucket_acl" "proxy_config_store" {
+  bucket = aws_s3_bucket.proxy_config_store.id
+  acl    = "private"
+}
+
 data "aws_iam_policy_document" "cf_access" {
   statement {
     actions   = ["s3:GetObject"]
@@ -36,7 +40,7 @@ resource "aws_s3_bucket_policy" "proxy_config_store_origin_access" {
 # Upload Proxy Config
 #####################
 
-resource "aws_s3_bucket_object" "config_json" {
+resource "aws_s3_object" "config_json" {
   bucket        = aws_s3_bucket.proxy_config_store.id
   key           = local.proxy_config_key
   content       = var.proxy_config_json
diff --git a/modules/cloudfront-proxy-config/versions.tf b/modules/cloudfront-proxy-config/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 3.0"
+      version = ">= 4.0"
     }
   }
 }
diff --git a/modules/proxy/main.tf b/modules/proxy/main.tf
@@ -15,7 +15,7 @@ module "proxy_package" {
 
 module "edge_proxy" {
   source  = "terraform-aws-modules/lambda/aws"
-  version = "2.4.0"
+  version = "3.1.0"
 
   lambda_at_edge = true
 
diff --git a/modules/statics-deploy/main.tf b/modules/statics-deploy/main.tf
@@ -9,17 +9,24 @@ locals {
 
 resource "aws_s3_bucket" "static_upload" {
   bucket_prefix = "${var.deployment_name}-tfn-deploy"
-  acl           = "private"
   force_destroy = true
 
-  # We are using versioning here to ensure that no file gets overridden at upload
-  versioning {
-    enabled = true
-  }
-
   tags = merge(var.tags, var.tags_s3_bucket)
 }
 
+resource "aws_s3_bucket_acl" "static_upload" {
+  bucket = aws_s3_bucket.static_upload.id
+  acl    = "private"
+}
+
+# We are using versioning here to ensure that no file gets overridden at upload
+resource "aws_s3_bucket_versioning" "static_upload" {
+  bucket = aws_s3_bucket.static_upload.id
+  versioning_configuration {
+    status = "Enabled"
+  }
+}
+
 resource "aws_s3_bucket_notification" "on_create" {
   bucket = aws_s3_bucket.static_upload.id
 
@@ -35,23 +42,35 @@ resource "aws_s3_bucket_notification" "on_create" {
 
 resource "aws_s3_bucket" "static_deploy" {
   bucket_prefix = "${var.deployment_name}-tfn-static"
-  acl           = "private"
   force_destroy = true
 
-  lifecycle_rule {
-    id      = "Expire static assets"
-    enabled = var.expire_static_assets >= 0 # -1 disables the cleanup
+  tags = merge(var.tags, var.tags_s3_bucket)
+}
+
+resource "aws_s3_bucket_acl" "static_deploy" {
+  bucket = aws_s3_bucket.static_deploy.id
+  acl    = "private"
+}
+
+resource "aws_s3_bucket_lifecycle_configuration" "static_deploy" {
+  bucket = aws_s3_bucket.static_deploy.id
 
-    tags = {
-      "tfnextExpire" = "true"
-    }
+  rule {
+    id = "Expire static assets"
 
     expiration {
       days = var.expire_static_assets > 0 ? var.expire_static_assets : 0
     }
-  }
 
-  tags = merge(var.tags, var.tags_s3_bucket)
+    filter {
+      tag {
+        key   = "tfnextExpire"
+        value = "true"
+      }
+    }
+
+    status = var.expire_static_assets >= 0 ? "Enabled" : "Disabled" # -1 disables the cleanup
+  }
 }
 
 # CloudFront permissions for the bucket
@@ -172,7 +191,7 @@ module "lambda_content" {
 
 module "deploy_trigger" {
   source  = "terraform-aws-modules/lambda/aws"
-  version = "2.4.0"
+  version = "3.1.0"
 
   function_name             = "${var.deployment_name}_tfn-deploy"
   description               = "Managed by Terraform Next.js"
diff --git a/versions.tf b/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source                = "hashicorp/aws"
-      version               = ">= 3.64.0"
+      version               = ">= 4.8"
       configuration_aliases = [aws.global_region]
     }
   }

Original file line number	Diff line number	Diff line change
`@@ -113,7 +113,7 @@ terraform {`
`113`	`113`	`required_providers {`
`114`	`114`	`aws = {`
`115`	`115`	`source = "hashicorp/aws"`
`116`		`- version = "~> 3.0"`
	`116`	`+ version = "~> 4.0"`
`117`	`117`	`}`
`118`	`118`	`}`
`119`	`119`	`}`
Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,7 @@ terraform {`
`2`	`2`	`required_providers {`
`3`	`3`	`aws = {`
`4`	`4`	`source = "hashicorp/aws"`
`5`		`- version = "~> 3.0"`
	`5`	`+ version = "~> 4.0"`
`6`	`6`	`}`
`7`	`7`	`}`
`8`	`8`	`}`
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@ terraform {`
`4`	`4`	`required_providers {`
`5`	`5`	`aws = {`
`6`	`6`	`source = "hashicorp/aws"`
`7`		`- version = ">= 3.0"`
	`7`	`+ version = ">= 4.0"`
`8`	`8`	`}`
`9`	`9`	`}`
`10`	`10`	`}`