updated all TF files to version 0.12.19

Author: richardgutkowski

README.md

@@ -1,2 +1,101 @@
 # aws-lambda-encrypt-ami
-Lambda function triggered by SNS notification on a successful AMI Packer build.
+
+[![OSO DevOps][logo]](https://osodevops.io)
+
+---
+
+This Terraform module creates an encryption Lambda function that is triggered by a SNS notification on a successful AMI Packer build.
+
+This project is part of our open source DevOps adoption approach. 
+
+It's 100% Open Source and licensed under the [APACHE2](LICENSE).
+
+## Usage
+
+Include this repository as a module in your existing terraform code:
+```hcl
+module "codebuild" {
+  source                        = "git::ssh://[email protected]/osodevops/aws-lambda-encrypt-ami.git"
+  common_tags                   = "${var.common_tags}"
+  environment                   = "DEV"
+  kms_key_arn                   = "alias/foo-bar-key"
+```
+
+## Help
+
+**Got a question?**
+
+File a GitHub [issue](https://github.com/osodevops/aws-lambda-encrypt-ami/issues), send us an [email][email] or tweet us [twitter][twitter].
+
+## Contributing
+
+### Bug Reports & Feature Requests
+
+Please use the [issue tracker](https://github.com/osodevops/aws-lambda-encrypt-ami/issues) to report any bugs or file feature requests.
+
+### Developing
+
+If you are interested in being a contributor and want to get involved in developing this project or help out with our other projects, we would love to hear from you! Shoot us an [email][email].
+
+In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow.
+
+ 1. **Fork** the repo on GitHub
+ 2. **Clone** the project to your own machine
+ 3. **Commit** changes to your own branch
+ 4. **Push** your work back up to your fork
+ 5. Submit a **Pull Request** so that we can review your changes
+
+**NOTE:** Be sure to merge the latest changes from "upstream" before making a pull request!
+
+## Copyrights
+
+Copyright © 2018-2019 [OSO DevOps](https://osodevops.io)
+
+## License 
+
+[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) 
+
+See [LICENSE](LICENSE) for full details.
+
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      https://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+## Trademarks
+
+All other trademarks referenced herein are the property of their respective owners.
+
+## About
+
+[![OSO DevOps][logo]][website]
+
+We are a cloud consultancy specialising in transforming technology organisations through DevOps practices. We help organisations accelerate their capabilities for application delivery and minimize the time-to-market for software-driven innovation. 
+
+Check out [our other projects][github], [follow us on twitter][twitter], or [hire us][hire] to help with your cloud strategy and implementation.
+
+
+
+
+[![README Footer][readme_footer_img]][readme_footer_link]
+[![Beacon][beacon]][website]
+
+  [logo]: https://osodevops.io/assets/images/logo-purple-b3af53cc.svg
+  [website]: https://osodevops.io/
+  [github]: https://github.com/orgs/osodevops/
+  [hire]: https://osodevops.io/contact/
+  [linkedin]: https://www.linkedin.com/company/oso-devops
+  [twitter]: https://twitter.com/osodevops
+  [email]: https://www.osodevops.io/contact/

aws_cloudwatch_event_rule_build_success.tf

@@ -22,8 +22,8 @@ resource "aws_cloudwatch_event_rule" "build_alert" {
 
 resource "aws_cloudwatch_event_target" "lamba_alert" {
   # Create ami encryption target
-  rule      = "${aws_cloudwatch_event_rule.build_alert.name}"
+  rule      = aws_cloudwatch_event_rule.build_alert.name
   target_id = "ami-encryption-lambda"
-  arn       = "${aws_lambda_function.ami_encryption_lambda.arn}"
+  arn       = aws_lambda_function.ami_encryption_lambda.arn
 }
 

aws_lambda_function.tf

@@ -1,22 +1,24 @@
 resource "aws_lambda_function" "ami_encryption_lambda" {
-  filename      = "${data.archive_file.ami_encryption.0.output_path}"
-  description   = "Responsible for creating AMI with encrypted root volume."
-  function_name = "${upper(var.environment)}-AMI-ENCRYPTION-FUNCTION"
-
-  role          = "${aws_iam_role.ami_encrypt_lambda.arn}"
-  handler       = "ami_encryption.lambda_handler"
-  runtime       = "python3.6"
-  timeout       = 180
-  source_code_hash = "${data.archive_file.ami_encryption.0.output_base64sha256}"
+  filename         = data.archive_file.ami_encryption.0.output_path
+  description      = "Responsible for creating AMI with encrypted root volume."
+  function_name    = "${upper(var.environment)}-AMI-ENCRYPTION-FUNCTION"
+  role             = aws_iam_role.ami_encrypt_lambda.arn
+  handler          = "ami_encryption.lambda_handler"
+  runtime          = "python3.6"
+  timeout          = 180
+  source_code_hash = data.archive_file.ami_encryption.0.output_base64sha256
 
   environment {
     variables = {
       KMS_ENABLED = "True"
-      KMS_KEY = "${var.kms_key_arn}"
+      KMS_KEY = var.kms_key_arn
     }
   }
 
-  tags = "${merge(var.common_tags,
-    map("Name" , "${var.environment}-AMI-ENCRYPTION-LAMBDA")
-  )}"
+  tags = merge(
+    var.common_tags,
+    {
+    "Name" = "${var.environment}-AMI-ENCRYPTION-LAMBDA"
+    },
+  )
 }

aws_lambda_iam_policy.tf

@@ -3,5 +3,5 @@ resource "aws_iam_policy" "ami_encryption_policy" {
   path        = "/"
   description = "AMI encryption Lambda function policy to access EC2 and CloudWatch"
 
-  policy = "${data.aws_iam_policy_document.lambda_config_policy.json}"
+  policy = data.aws_iam_policy_document.lambda_config_policy.json
 }

aws_lambda_iam_policy_attachment.tf

@@ -1,5 +1,5 @@
 resource "aws_iam_policy_attachment" "ami_encryption_policy" {
   name       = "ami-encryption-attachment"
-  roles      = ["${aws_iam_role.ami_encrypt_lambda.name}"]
-  policy_arn = "${aws_iam_policy.ami_encryption_policy.arn}"
+  roles      = [aws_iam_role.ami_encrypt_lambda.name]
+  policy_arn = aws_iam_policy.ami_encryption_policy.arn
 }

aws_lambda_iam_role.tf

@@ -1,5 +1,5 @@
 resource "aws_iam_role" "ami_encrypt_lambda" {
   name               = "${var.environment}-AMI-ENCRYPTION-LAMBDA-ROLE"
   description        = "Allows Lambda function to execute AMI copy with encrypted root volume."
-  assume_role_policy = "${data.aws_iam_policy_document.lambda_config_trust.json}"
+  assume_role_policy = data.aws_iam_policy_document.lambda_config_trust.json
 }

aws_lambda_permission_cloudwatch_event.tf

@@ -1,7 +1,7 @@
 resource "aws_lambda_permission" "cloudwatch_event" {
   statement_id  = "AllowExecutionFromCloudWatchEvent"
   action        = "lambda:InvokeFunction"
-  function_name = "${aws_lambda_function.ami_encryption_lambda.0.function_name}"
+  function_name = aws_lambda_function.ami_encryption_lambda.0.function_name
   principal     = "events.amazonaws.com"
-  source_arn    = "${aws_cloudwatch_event_rule.build_alert.arn}"
+  source_arn    = aws_cloudwatch_event_rule.build_alert.arn
 }

data_archive_file_ami_backup.tf

@@ -1,5 +1,5 @@
 data "archive_file" "ami_encryption" {
   type        = "zip"
-  source_file = "${data.null_data_source.lambda_file.outputs.filename}"
-  output_path = "${data.null_data_source.lambda_archive.outputs.filename}"
+  source_file = data.null_data_source.lambda_file.outputs.filename
+  output_path = data.null_data_source.lambda_archive.outputs.filename
 }

data_null_data_source_lambda_archive.tf

@@ -1,5 +1,5 @@
 data "null_data_source" "lambda_archive" {
-  inputs {
-    filename = "${substr("${path.module}/functions/ami_encryption.zip", length(path.cwd) + 1, -1)}"
+  inputs = {
+    filename = substr("${path.module}/functions/ami_encryption.zip", length(path.cwd) + 1, -1)
   }
-}
+}

data_null_data_source_lambda_file.tf

@@ -1,5 +1,5 @@
 data "null_data_source" "lambda_file" {
-  inputs {
-    filename = "${substr("${path.module}/functions/ami_encryption.py", length(path.cwd) + 1, -1)}"
+  inputs = {
+    filename = substr("${path.module}/functions/ami_encryption.py", length(path.cwd) + 1, -1)
   }
 }