Remove deprectated iam attribute inline_policy (#3)

anishkumarait · web-flow · commit a224ccbbf961 · 2024-12-12T09:14:43.000Z
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
 - repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: v4.4.0
+  rev: v5.0.0
   hooks:
   - id: check-added-large-files
     args: ['--maxkb=500']
@@ -18,7 +18,7 @@ repos:
     args: ['--allow-missing-credentials']
   - id: trailing-whitespace
 - repo: https://github.com/antonbabenko/pre-commit-terraform
-  rev: v1.76.0
+  rev: v1.96.2
   hooks:
   - id: terraform_fmt
   - id: terraform_docs
diff --git a/README.md b/README.md
@@ -25,7 +25,7 @@ module "vpc-flow-logs" {
 
 * [VPC flow logs](https://github.com/native-cube/terraform-aws-vpc-flow-logs/tree/main/examples/core)
 
-<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+<!-- BEGIN_TF_DOCS -->
 ## Requirements
 
 | Name | Version |
@@ -50,6 +50,7 @@ No modules.
 | [aws_cloudwatch_log_group.flow_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
 | [aws_flow_log.flow_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/flow_log) | resource |
 | [aws_iam_role.flow_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy.flow_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
 | [aws_iam_policy_document.cloudwatch](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 
 ## Inputs
@@ -76,7 +77,7 @@ No modules.
 | <a name="output_flow_logs_id"></a> [flow\_logs\_id](#output\_flow\_logs\_id) | The Flow Log ID. |
 | <a name="output_flow_logs_role_arn"></a> [flow\_logs\_role\_arn](#output\_flow\_logs\_role\_arn) | The ARN specifying the role used by Flow Logs. |
 | <a name="output_flow_logs_role_id"></a> [flow\_logs\_role\_id](#output\_flow\_logs\_role\_id) | The ID specifying the role used by Flow Logs. |
-<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+<!-- END_TF_DOCS -->
 
 ## License
 
diff --git a/main.tf b/main.tf
@@ -25,14 +25,15 @@ resource "aws_iam_role" "flow_logs" {
     }
   )
 
-  inline_policy {
-    name   = "cloudwatch-policy"
-    policy = data.aws_iam_policy_document.cloudwatch.json
-  }
-
   tags = var.tags
 }
 
+resource "aws_iam_role_policy" "flow_logs" {
+  name   = "cloudwatch-policy"
+  role   = aws_iam_role.flow_logs.id
+  policy = data.aws_iam_policy_document.cloudwatch.json
+}
+
 resource "aws_flow_log" "flow_logs" {
   log_destination_type = "cloud-watch-logs"
   log_destination      = aws_cloudwatch_log_group.flow_logs.arn

Original file line number	Diff line number	Diff line change
`@@ -25,14 +25,15 @@ resource "aws_iam_role" "flow_logs" {`
`25`	`25`	`}`
`26`	`26`	`)`
`27`	`27`
`28`		`- inline_policy {`
`29`		`- name = "cloudwatch-policy"`
`30`		`- policy = data.aws_iam_policy_document.cloudwatch.json`
`31`		`- }`
`32`		`-`
`33`	`28`	`tags = var.tags`
`34`	`29`	`}`
`35`	`30`
	`31`	`+resource "aws_iam_role_policy" "flow_logs" {`
	`32`	`+ name = "cloudwatch-policy"`
	`33`	`+ role = aws_iam_role.flow_logs.id`
	`34`	`+ policy = data.aws_iam_policy_document.cloudwatch.json`
	`35`	`+}`
	`36`	`+`
`36`	`37`	`resource "aws_flow_log" "flow_logs" {`
`37`	`38`	`log_destination_type = "cloud-watch-logs"`
`38`	`39`	`log_destination = aws_cloudwatch_log_group.flow_logs.arn`