CCM-11586: Correct references to new modules

masl2 · masl2 · commit dc0ef789194f · 2025-08-21T14:44:26.000+01:00
diff --git a/infrastructure/terraform/components/api/module_domain_truststore.tf b/infrastructure/terraform/components/api/module_domain_truststore.tf
@@ -13,11 +13,10 @@ module "domain_truststore" {
 
   bucket_logging_target = {
     bucket = module.logging_bucket.bucket
-    prefix = "${name}/"
+    prefix = "${local.csi_s3}-truststore/"
   }
 
   policy_documents = [
-    aws_iam_policy_document.truststore.json
   ]
 
 }
diff --git a/infrastructure/terraform/components/api/module_logging_bucket.tf b/infrastructure/terraform/components/api/module_logging_bucket.tf
@@ -12,7 +12,7 @@ module "logging_bucket" {
   kms_key_arn = module.kms.key_id
 
   policy_documents = [
-    aws_iam_policy_document.logging.json
+    data.aws_iam_policy_document.logging.json
   ]
 }
 
@@ -29,7 +29,7 @@ data "aws_iam_policy_document" "logging" {
       actions = ["s3:PutObject"]
 
       resources = [
-        "${aws_s3_bucket.logging.arn}/*",
+        "${module.logging_bucket.arn}/*",
       ]
     }
 }
diff --git a/infrastructure/terraform/components/api/s3_bucket_object_truststore.tf b/infrastructure/terraform/components/api/s3_bucket_object_truststore.tf
@@ -1,12 +1,12 @@
 # In manually configured (e.g. dev main, nonprod main, prod main) add lifecycle policy to permit manual management of cert
 resource "aws_s3_object" "placeholder_truststore" {
   count   = var.manually_configure_mtls_truststore ? 1 : 0
-  bucket  = aws_s3_bucket.truststore.bucket
+  bucket  = module.domain_truststore.bucket
   key     = "truststore.pem"
   content = module.supplier_ssl[0].cacert_pem
 
   depends_on = [
-    aws_s3_bucket_versioning.truststore,
+    module.domain_truststore,
     module.supplier_ssl
   ]
 
@@ -21,12 +21,12 @@ resource "aws_s3_object" "placeholder_truststore" {
 # Requires duplicate block as lifecycle policies cannot be dynamic
 resource "aws_s3_object" "placeholder_truststore_nonprod" {
   count   = !var.manually_configure_mtls_truststore ? 1 : 0
-  bucket  = aws_s3_bucket.truststore.bucket
+  bucket  = module.domain_truststore.bucket
   key     = "truststore.pem"
   content = module.supplier_ssl[0].cacert_pem
 
   depends_on = [
-    aws_s3_bucket_versioning.truststore,
+    module.domain_truststore,
     module.supplier_ssl
   ]
 }

Original file line number	Diff line number	Diff line change
`@@ -13,11 +13,10 @@ module "domain_truststore" {`
`13`	`13`
`14`	`14`	`bucket_logging_target = {`
`15`	`15`	`bucket = module.logging_bucket.bucket`
`16`		`- prefix = "${name}/"`
	`16`	`+ prefix = "${local.csi_s3}-truststore/"`
`17`	`17`	`}`
`18`	`18`
`19`	`19`	`policy_documents = [`
`20`		`- aws_iam_policy_document.truststore.json`
`21`	`20`	`]`
`22`	`21`
`23`	`22`	`}`
Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@ module "logging_bucket" {`
`12`	`12`	`kms_key_arn = module.kms.key_id`
`13`	`13`
`14`	`14`	`policy_documents = [`
`15`		`- aws_iam_policy_document.logging.json`
	`15`	`+ data.aws_iam_policy_document.logging.json`
`16`	`16`	`]`
`17`	`17`	`}`
`18`	`18`
`@@ -29,7 +29,7 @@ data "aws_iam_policy_document" "logging" {`
`29`	`29`	`actions = ["s3:PutObject"]`
`30`	`30`
`31`	`31`	`resources = [`
`32`		`- "${aws_s3_bucket.logging.arn}/*",`
	`32`	`+ "${module.logging_bucket.arn}/*",`
`33`	`33`	`]`
`34`	`34`	`}`
`35`	`35`	`}`