Merge pull request #47 from SPHTech-Platform/chore/add-support-aws-v6-region-attribute

chore: add aws provider v6 support for region attribute

Author: hazmei

data.tf

@@ -4,8 +4,6 @@ data "aws_iam_openid_connect_provider" "github" {
 
 data "aws_caller_identity" "current" {}
 
-data "aws_region" "current" {}
-
 data "aws_iam_policy_document" "update_lambda" {
   #checkov:skip=CKV_AWS_356: Read only
   statement {
@@ -32,7 +30,7 @@ data "aws_iam_policy_document" "update_lambda" {
       "lambda:PutProvisionedConcurrencyConfig",
       "lambda:DeleteProvisionedConcurrencyConfig",
     ]
-    resources = ["arn:aws:lambda:${data.aws_region.current.region}:${data.aws_caller_identity.current.account_id}:function:${var.function_prefix}*"]
+    resources = ["arn:aws:lambda:${var.region}:${data.aws_caller_identity.current.account_id}:function:${var.function_prefix}*"]
   }
 
   dynamic "statement" {
@@ -43,7 +41,7 @@ data "aws_iam_policy_document" "update_lambda" {
         "apigateway:POST",
         "apigateway:PUT",
       ]
-      resources = ["arn:aws:apigateway:${data.aws_region.current.region}::/restapis/${var.apigw_id}/*"]
+      resources = ["arn:aws:apigateway:${var.region}::/restapis/${var.apigw_id}/*"]
     }
   }
 
@@ -54,7 +52,7 @@ data "aws_iam_policy_document" "update_lambda" {
       actions = [
         "lambda:AddPermission",
       ]
-      resources = ["arn:aws:lambda:${data.aws_region.current.region}:${data.aws_caller_identity.current.account_id}:function:${var.function_prefix}*"]
+      resources = ["arn:aws:lambda:${var.region}:${data.aws_caller_identity.current.account_id}:function:${var.function_prefix}*"]
     }
   }
 
@@ -65,7 +63,7 @@ data "aws_iam_policy_document" "update_lambda" {
       actions = [
         "lambda:UpdateEventSourceMapping",
       ]
-      resources = ["arn:aws:lambda:${data.aws_region.current.region}:${data.aws_caller_identity.current.account_id}:event-source-mapping:*"]
+      resources = ["arn:aws:lambda:${var.region}:${data.aws_caller_identity.current.account_id}:event-source-mapping:*"]
     }
   }
 }
@@ -175,7 +173,7 @@ data "aws_iam_policy_document" "sign_code" {
     ]
 
     resources = [
-      "arn:aws:signer:${data.aws_region.current.region}:${data.aws_caller_identity.current.account_id}:/signing-jobs/*",
+      "arn:aws:signer:${var.region}:${data.aws_caller_identity.current.account_id}:/signing-jobs/*",
     ]
   }
 
@@ -188,7 +186,7 @@ data "aws_iam_policy_document" "sign_code" {
     ]
 
     resources = [
-      "arn:aws:signer:${data.aws_region.current.region}:${data.aws_caller_identity.current.account_id}:/signing-profiles/${var.signing_profile_name}",
+      "arn:aws:signer:${var.region}:${data.aws_caller_identity.current.account_id}:/signing-profiles/${var.signing_profile_name}",
     ]
   }
 }

main.tf

@@ -14,6 +14,7 @@ module "lambda" {
   function_name = var.function_name
   description   = var.description
   lambda_role   = var.lambda_role
+  region        = var.region
 
   create_package = false
 

variables.tf

@@ -1,3 +1,9 @@
+variable "region" {
+  description = "The AWS region to create resources in."
+  type        = string
+  default     = "ap-southeast-1"
+}
+
 variable "create_github_actions_oidc_provider" {
   description = "Controls Whether to create openid connect provider."
   type        = bool