fix deprecation warning

beachplum-io · Sep 29, 2024 · 744aff1 · 744aff1
1 parent 0b6411b
commit 744aff1
Show file tree

Hide file tree

Showing 21 changed files with 970 additions and 859 deletions.
diff --git a/blue/bluesky/send-post/main.tf b/blue/bluesky/send-post/main.tf
@@ -43,19 +43,21 @@ resource "aws_iam_role" "events" {
       Principal = { Service = "events.amazonaws.com" }
     }
   })
+}
 
-  inline_policy {
-    name = "access"
-    policy = jsonencode({
-      Version = "2012-10-17"
-      Statement = {
-        Sid      = "StartExecution"
-        Effect   = "Allow"
-        Action   = "states:StartExecution"
-        Resource = aws_sfn_state_machine.states.arn
-      }
-    })
-  }
+resource "aws_iam_role_policy" "events" {
+  name = "access"
+  role = aws_iam_role.events.id
+
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = {
+      Sid      = "StartExecution"
+      Effect   = "Allow"
+      Action   = "states:StartExecution"
+      Resource = aws_sfn_state_machine.states.arn
+    }
+  })
 }
 
 resource "aws_cloudwatch_event_rule" "events" {
@@ -133,27 +135,29 @@ resource "aws_iam_role" "lambda" {
       Principal = { Service = "lambda.amazonaws.com" }
     }
   })
+}
 
-  inline_policy {
-    name = "access"
-    policy = jsonencode({
-      Version = "2012-10-17"
-      Statement = [
-        {
-          Sid      = "Logs"
-          Effect   = "Allow"
-          Action   = "logs:*"
-          Resource = "*"
-        },
-        {
-          Sid      = "GetParams"
-          Effect   = "Allow"
-          Action   = "ssm:GetParametersByPath"
-          Resource = "arn:aws:ssm:${local.region}:${local.account}:parameter${local.param_path}"
-        }
-      ]
-    })
-  }
+resource "aws_iam_role_policy" "lambda" {
+  name = "access"
+  role = aws_iam_role.lambda.id
+
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Sid      = "Logs"
+        Effect   = "Allow"
+        Action   = "logs:*"
+        Resource = "*"
+      },
+      {
+        Sid      = "GetParams"
+        Effect   = "Allow"
+        Action   = "ssm:GetParametersByPath"
+        Resource = "arn:aws:ssm:${local.region}:${local.account}:parameter${local.param_path}"
+      }
+    ]
+  })
 }
 
 resource "aws_lambda_function" "lambda" {
@@ -191,27 +195,29 @@ resource "aws_iam_role" "states" {
       Principal = { Service = "states.amazonaws.com" }
     }
   })
+}
 
-  inline_policy {
-    name = "access"
-    policy = jsonencode({
-      Version = "2012-10-17"
-      Statement = [
-        {
-          Sid      = "InvokeFunction"
-          Effect   = "Allow"
-          Action   = "lambda:InvokeFunction"
-          Resource = aws_lambda_function.lambda.arn
-        },
-        {
-          Sid      = "PutItem"
-          Effect   = "Allow"
-          Action   = "dynamodb:PutItem"
-          Resource = data.aws_dynamodb_table.table.arn
-        }
-      ]
-    })
-  }
+resource "aws_iam_role_policy" "states" {
+  name = "access"
+  role = aws_iam_role.states.id
+
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Sid      = "InvokeFunction"
+        Effect   = "Allow"
+        Action   = "lambda:InvokeFunction"
+        Resource = aws_lambda_function.lambda.arn
+      },
+      {
+        Sid      = "PutItem"
+        Effect   = "Allow"
+        Action   = "dynamodb:PutItem"
+        Resource = data.aws_dynamodb_table.table.arn
+      }
+    ]
+  })
 }
 
 resource "aws_sfn_state_machine" "states" {

diff --git a/blue/mail/terraform.tf b/blue/mail/terraform.tf
@@ -48,39 +48,41 @@ resource "aws_iam_role" "lambda" {
       Principal = { Service = "lambda.amazonaws.com" }
     }
   })
+}
 
-  inline_policy {
-    name = "access"
-    policy = jsonencode({
-      Version = "2012-10-17"
-      Statement = [
-        {
-          Sid      = "Logs"
-          Effect   = "Allow"
-          Action   = "logs:*"
-          Resource = "*"
-        },
-        {
-          Sid      = "GetParameter"
-          Effect   = "Allow"
-          Action   = "ssm:GetParameter"
-          Resource = "arn:aws:ssm:${local.region}:${local.account}:parameter${local.param}"
-        },
-        {
-          Sid      = "S3"
-          Effect   = "Allow"
-          Action   = "s3:GetObject"
-          Resource = "${aws_s3_bucket.mail.arn}/*"
-        },
-        {
-          Sid      = "StepFunctions"
-          Effect   = "Allow"
-          Action   = "states:StartExecution"
-          Resource = aws_sfn_state_machine.states.arn
-        }
-      ]
-    })
-  }
+resource "aws_iam_role_policy" "lambda" {
+  name = "access"
+  role = aws_iam_role.lambda.id
+
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Sid      = "Logs"
+        Effect   = "Allow"
+        Action   = "logs:*"
+        Resource = "*"
+      },
+      {
+        Sid      = "GetParameter"
+        Effect   = "Allow"
+        Action   = "ssm:GetParameter"
+        Resource = "arn:aws:ssm:${local.region}:${local.account}:parameter${local.param}"
+      },
+      {
+        Sid      = "S3"
+        Effect   = "Allow"
+        Action   = "s3:GetObject"
+        Resource = "${aws_s3_bucket.mail.arn}/*"
+      },
+      {
+        Sid      = "StepFunctions"
+        Effect   = "Allow"
+        Action   = "states:StartExecution"
+        Resource = aws_sfn_state_machine.states.arn
+      }
+    ]
+  })
 }
 
 resource "aws_lambda_function" "lambda" {
@@ -211,19 +213,21 @@ resource "aws_iam_role" "states" {
       Principal = { Service = "states.amazonaws.com" }
     }
   })
+}
 
-  inline_policy {
-    name = "access"
-    policy = jsonencode({
-      Version = "2012-10-17"
-      Statement = {
-        Sid      = "SendEmail"
-        Effect   = "Allow"
-        Action   = "ses:SendEmail"
-        Resource = "*"
-      }
-    })
-  }
+resource "aws_iam_role_policy" "states" {
+  name = "access"
+  role = aws_iam_role.states.id
+
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = {
+      Sid      = "SendEmail"
+      Effect   = "Allow"
+      Action   = "ses:SendEmail"
+      Resource = "*"
+    }
+  })
 }
 
 resource "aws_sfn_state_machine" "states" {

diff --git a/blue/reddit/pop-backlog/main.tf b/blue/reddit/pop-backlog/main.tf
@@ -43,19 +43,21 @@ resource "aws_iam_role" "events" {
       Principal = { Service = "events.amazonaws.com" }
     }
   })
+}
 
-  inline_policy {
-    name = "access"
-    policy = jsonencode({
-      Version = "2012-10-17"
-      Statement = {
-        Sid      = "StartExecution"
-        Effect   = "Allow"
-        Action   = "states:StartExecution"
-        Resource = aws_sfn_state_machine.states.arn
-      }
-    })
-  }
+resource "aws_iam_role_policy" "events" {
+  name = "access"
+  role = aws_iam_role.events.id
+
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = {
+      Sid      = "StartExecution"
+      Effect   = "Allow"
+      Action   = "states:StartExecution"
+      Resource = aws_sfn_state_machine.states.arn
+    }
+  })
 }
 
 resource "aws_cloudwatch_event_rule" "events" {
@@ -104,19 +106,21 @@ resource "aws_iam_role" "scheduler" {
       Principal = { Service = "scheduler.amazonaws.com" }
     }
   })
+}
 
-  inline_policy {
-    name = "access"
-    policy = jsonencode({
-      Version = "2012-10-17"
-      Statement = {
-        Sid      = "StartExecution"
-        Effect   = "Allow"
-        Action   = "states:StartExecution"
-        Resource = aws_sfn_state_machine.states.arn
-      }
-    })
-  }
+resource "aws_iam_role_policy" "scheduler" {
+  name = "access"
+  role = aws_iam_role.scheduler.id
+
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = {
+      Sid      = "StartExecution"
+      Effect   = "Allow"
+      Action   = "states:StartExecution"
+      Resource = aws_sfn_state_machine.states.arn
+    }
+  })
 }
 
 resource "aws_scheduler_schedule" "scheduler" {
@@ -156,35 +160,37 @@ resource "aws_iam_role" "states" {
       Principal = { Service = "states.amazonaws.com" }
     }
   })
+}
 
-  inline_policy {
-    name = "access"
-    policy = jsonencode({
-      Version = "2012-10-17"
-      Statement = [
-        {
-          Sid      = "CloudWatch"
-          Effect   = "Allow"
-          Action   = "cloudwatch:PutMetricData"
-          Resource = "*"
-        },
-        {
-          Sid    = "DynamoDB"
-          Effect = "Allow"
-          Action = [
-            "dynamodb:DeleteItem",
-            "dynamodb:PutItem",
-            "dynamodb:Query",
-            "dynamodb:UpdateItem",
-          ]
-          Resource = [
-            data.aws_dynamodb_table.table.arn,
-            "${data.aws_dynamodb_table.table.arn}/index/Kind",
-          ]
-        }
-      ]
-    })
-  }
+resource "aws_iam_role_policy" "states" {
+  name = "access"
+  role = aws_iam_role.states.id
+
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Sid      = "CloudWatch"
+        Effect   = "Allow"
+        Action   = "cloudwatch:PutMetricData"
+        Resource = "*"
+      },
+      {
+        Sid    = "DynamoDB"
+        Effect = "Allow"
+        Action = [
+          "dynamodb:DeleteItem",
+          "dynamodb:PutItem",
+          "dynamodb:Query",
+          "dynamodb:UpdateItem",
+        ]
+        Resource = [
+          data.aws_dynamodb_table.table.arn,
+          "${data.aws_dynamodb_table.table.arn}/index/Kind",
+        ]
+      }
+    ]
+  })
 }
 
 resource "aws_sfn_state_machine" "states" {