@@ -54,7 +54,7 @@ resource "aws_vpc_endpoint" "sqs_endpoint" {
5454 {
5555 Effect = " Allow"
5656 Principal = {
57- AWS = " arn:aws:iam:: ${ local . immunisation_account_id } :root "
57+ AWS = " * "
5858 },
5959 Action = [
6060 " sqs:SendMessage" ,
@@ -84,7 +84,7 @@ resource "aws_vpc_endpoint" "s3_endpoint" {
8484 {
8585 Effect = " Allow"
8686 Principal = {
87- AWS = " arn:aws:iam:: ${ local . immunisation_account_id } :root "
87+ AWS = " * "
8888 },
8989 Action = [
9090 " s3:GetObject" ,
@@ -117,7 +117,7 @@ resource "aws_vpc_endpoint" "kinesis_endpoint" {
117117 {
118118 Effect = " Allow" ,
119119 Principal = {
120- AWS = " arn:aws:iam:: ${ local . immunisation_account_id } :root "
120+ AWS = " * "
121121 },
122122 Action = [
123123 " firehose:ListDeliveryStreams" ,
@@ -141,25 +141,11 @@ resource "aws_vpc_endpoint" "dynamodb" {
141141 for rt in data . aws_route_tables . default_route_tables . ids : rt
142142 ]
143143
144- policy = jsonencode ({
145- Version = " 2012-10-17" ,
146- Statement = [
147- {
148- " Effect" : " Allow" ,
149- " Principal" : {
150- AWS = " arn:aws:iam::${ local . immunisation_account_id } :root"
151- },
152- " Action" : " *" ,
153- " Resource" : " *"
154- }
155- ]
156- })
157144 tags = {
158145 Name = " immunisation-dynamo-endpoint"
159146 }
160147}
161148
162-
163149resource "aws_vpc_endpoint" "ecr_api" {
164150 vpc_id = data. aws_vpc . default . id
165151 service_name = " com.amazonaws.${ var . aws_region } .ecr.api"
@@ -215,7 +201,7 @@ resource "aws_vpc_endpoint" "kinesis_stream_endpoint" {
215201 {
216202 Effect = " Allow" ,
217203 Principal = {
218- AWS = " arn:aws:iam:: ${ local . immunisation_account_id } :root "
204+ AWS = " * "
219205 },
220206 Action = [
221207 " kinesis:ListShards" ,
@@ -254,7 +240,7 @@ resource "aws_vpc_endpoint" "kms_endpoint" {
254240 {
255241 Effect = " Allow" ,
256242 Principal = {
257- AWS = " arn:aws:iam:: ${ local . immunisation_account_id } :root "
243+ AWS = " * "
258244 },
259245 Action = [
260246 " kms:Decrypt" ,
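Review bot: Setting `AWS = "*"` as the Principal on the sqs_endpoint, s3_endpoint, kinesis_endpoint, kinesis_stream_endpoint and kms_endpoint policies removes the only account restriction visible in these statements, so any principal whose traffic goes through these endpoints is allowed the listed actions as far as the endpoint policy is concerned. A Condition may exist further down, but each statement continues outside its hunk, so that cannot be confirmed from here. If the wildcard is required because the endpoint type does not accept a specific principal, keep the account scoping as a condition on each statement, for example `Condition = { StringEquals = { "aws:PrincipalAccount" = local.immunisation_account_id } }`. The dynamodb endpoint now has no `policy` argument at all, which leaves it on the default full-access endpoint policy; it would be safer to keep an explicit policy there with the same condition than to delete the block. A one-line comment above each policy explaining why the principal is a wildcard would also help the next reviewer.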