Skip to content

Commit 8f5633d

Browse files
snemetzsnemetz
committed
Fix SCP file paths
1 parent 9d53cf1 commit 8f5633d

File tree

2 files changed

+9
-9
lines changed

2 files changed

+9
-9
lines changed

modules/scp/files/placeholder.tf

Whitespace-only changes.

modules/scp/main.tf

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ resource "aws_organizations_policy" "deny_cloudtrail_disable" {
1313
description = "Prevent CloudTrail from beings disabled"
1414
tags = var.tags
1515
type = "SERVICE_CONTROL_POLICY"
16-
content = file("files/deny-cloudtrail-disable.json")
16+
content = file("${path.module}/files/deny-cloudtrail-disable.json")
1717
# templatefile(path, vars)
1818
}
1919
resource "aws_organizations_policy" "deny_cloudtrail_tamper" {
@@ -22,7 +22,7 @@ resource "aws_organizations_policy" "deny_cloudtrail_tamper" {
2222
description = "Prevent CloudTrail trails from beings tampered with"
2323
tags = var.tags
2424
type = "SERVICE_CONTROL_POLICY"
25-
content = file("files/deny-cloudtrail-tamper.json")
25+
content = file("${path.module}/files/deny-cloudtrail-tamper.json")
2626
}
2727
### -----------------------
2828
### Config
@@ -33,7 +33,7 @@ resource "aws_organizations_policy" "deny_config_modify" {
3333
description = "Prevent Config from beings tampered with"
3434
tags = var.tags
3535
type = "SERVICE_CONTROL_POLICY"
36-
content = file("files/deny-config-modify.json")
36+
content = file("${path.module}/files/deny-config-modify.json")
3737
}
3838
### -----------------------
3939
### EBS
@@ -48,7 +48,7 @@ resource "aws_organizations_policy" "deny_ecr_create_write" {
4848
description = "Prevent ECR from being created or written too"
4949
tags = var.tags
5050
type = "SERVICE_CONTROL_POLICY"
51-
content = file("files/deny-ecr-create-write.json")
51+
content = file("${path.module}/files/deny-ecr-create-write.json")
5252
}
5353
### -----------------------
5454
### GuardDuty
@@ -59,7 +59,7 @@ resource "aws_organizations_policy" "deny_guardduty_modify" {
5959
description = "Prevent GuardDuty from being modified"
6060
tags = var.tags
6161
type = "SERVICE_CONTROL_POLICY"
62-
content = file("files/deny-guardduty-modify.json")
62+
content = file("${path.module}/files/deny-guardduty-modify.json")
6363
}
6464
### -----------------------
6565
### IAM
@@ -70,7 +70,7 @@ resource "aws_organizations_policy" "deny_guardduty_modify" {
7070
# description = "Prevent ECR from being created or written too"
7171
# tags = var.tags
7272
# type = "SERVICE_CONTROL_POLICY"
73-
# content = file("files/deny-ecr-create-write.json")
73+
# content = file("${path.module}/files/deny-ecr-create-write.json")
7474
#}
7575
### -----------------------
7676
### Organization
@@ -81,7 +81,7 @@ resource "aws_organizations_policy" "deny_member_leaving" {
8181
description = "Prevent organization member accounts from leaving the organization"
8282
tags = var.tags
8383
type = "SERVICE_CONTROL_POLICY"
84-
content = file("files/deny-member-leaving.json")
84+
content = file("${path.module}/files/deny-member-leaving.json")
8585
}
8686
### -----------------------
8787
### S3
@@ -92,13 +92,13 @@ resource "aws_organizations_policy" "deny_s3_public" {
9292
description = "Prevent account S3 public access block from being changed"
9393
tags = var.tags
9494
type = "SERVICE_CONTROL_POLICY"
95-
content = file("files/deny-s3-public.json")
95+
content = file("${path.module}/files/deny-s3-public.json")
9696
}
9797
resource "aws_organizations_policy" "require_s3_encryption" {
9898
count = local.enable && var.enable_s3 ? 1 : 0
9999
name = "require_s3_encryption"
100100
description = "Require S3 service side encryption"
101101
tags = var.tags
102102
type = "SERVICE_CONTROL_POLICY"
103-
content = file("files/require-s3-encryption.json")
103+
content = file("${path.module}/files/require-s3-encryption.json")
104104
}

0 commit comments

Comments
 (0)