Cleanup permissions

ImDevinC · Oct 31, 2023 · 1d3cbe2 · 1d3cbe2
1 parent 8262556
commit 1d3cbe2
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 5 deletions.
diff --git a/terraform/bucket.tf b/terraform/bucket.tf
@@ -1,7 +1,8 @@
 // Site bucket
 module "bucket" {
-  source = "terraform-aws-modules/s3-bucket/aws"
-  bucket = local.bucket_name
+  source  = "terraform-aws-modules/s3-bucket/aws"
+  version = "3.15.1"
+  bucket  = local.bucket_name
   server_side_encryption_configuration = {
     rule = {
       apply_server_side_encryption_by_default = {
@@ -36,8 +37,9 @@ resource "aws_s3_bucket_policy" "bucket_policy" {
 
 // Blog bucket
 module "blog_bucket" {
-  source = "terraform-aws-modules/s3-bucket/aws"
-  bucket = local.blog_bucket_name
+  source  = "terraform-aws-modules/s3-bucket/aws"
+  version = "3.15.1"
+  bucket  = local.blog_bucket_name
   server_side_encryption_configuration = {
     rule = {
       apply_server_side_encryption_by_default = {

diff --git a/terraform/kms.tf b/terraform/kms.tf
@@ -34,7 +34,10 @@ data "aws_iam_policy_document" "kms_key_policy" {
     condition {
       test     = "StringEquals"
       variable = "AWS:SourceArn"
-      values   = [module.blog_cloudfront.cloudfront_distribution_arn]
+      values = [
+        module.blog_cloudfront.cloudfront_distribution_arn,
+        module.cloudfront.cloudfront_distribution_arn,
+      ]
     }
   }
 }