Merge pull request #4 from cookielab/fix/remove-source-arn-condition

stepankonecny96 · web-flow · commit 51c4ac8523c4 · 2026-03-04T10:48:01.000+01:00
fix: remove aws:SourceArn condition from billing bucket policy
diff --git a/modules/source/main.tf b/modules/source/main.tf
@@ -40,12 +40,6 @@ data "aws_iam_policy_document" "bucket_policy" {
 
       resources = [local.bucket_arn]
 
-      condition {
-        test     = "StringLike"
-        variable = "aws:SourceArn"
-        values   = [aws_cur_report_definition.this[0].arn]
-      }
-
       condition {
         test     = "StringEquals"
         variable = "aws:SourceAccount"
@@ -70,12 +64,6 @@ data "aws_iam_policy_document" "bucket_policy" {
 
       resources = ["${local.bucket_arn}/*"]
 
-      condition {
-        test     = "StringLike"
-        variable = "aws:SourceArn"
-        values   = [aws_cur_report_definition.this[0].arn]
-      }
-
       condition {
         test     = "StringEquals"
         variable = "aws:SourceAccount"
