chore: fix warnings of terraform 0.12.20

When upgrading to terraform 0.12.20 it produces warnings about quotes
around types and interpolation with only one value inside. This resolves
them, so terraform validate doesn't produce any warnings on 0.12.20

I also cleaned up the note about terraform 0.11, because we're using
features that are not supported in 0.11 (e.g. `list(string)`)

Author: eugenep-scribd

logshipping.tf

@@ -60,31 +60,28 @@ EOF
 }
 
 resource "aws_iam_role_policy_attachment" "datadog-logshipping-lambda-attach" {
-  role       = "${aws_iam_role.dd-log-lambda.name}"
-  policy_arn = "${aws_iam_policy.datadog-logshipping.arn}"
+  role       = aws_iam_role.dd-log-lambda.name
+  policy_arn = aws_iam_policy.datadog-logshipping.arn
 }
 
 resource "aws_iam_role_policy_attachment" "datadog-logshipping-lambda-attach2" {
-  role       = "${aws_iam_role.dd-log-lambda.name}"
+  role       = aws_iam_role.dd-log-lambda.name
   policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
 }
 
 resource "aws_iam_role_policy_attachment" "datadog-logshipping-lambda-attach3" {
-  role       = "${aws_iam_role.dd-log-lambda.name}"
+  role       = aws_iam_role.dd-log-lambda.name
   policy_arn = "arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess"
 }
 
 resource "aws_lambda_function" "dd-log" {
   filename      = "${path.module}/files/dd_log_lambda.zip"
   function_name = "${local.stack_prefix}DatadogLambdaFunction"
-  role          = "${aws_iam_role.dd-log-lambda.arn}"
+  role          = aws_iam_role.dd-log-lambda.arn
   handler       = "lambda_function.lambda_handler"
   description   = "This lambda function will export logs to our orgs Datadog events"
 
-  # The filebase64sha256() function is available in Terraform 0.11.12 and later
-  # For Terraform 0.11.11 and earlier, use the base64sha256() function and the file() function:
-  # source_code_hash = "${base64sha256(file("lambda_function_payload.zip"))}"
-  source_code_hash = "${filebase64sha256("${path.module}/files/dd_log_lambda.zip")}"
+  source_code_hash = filebase64sha256("${path.module}/files/dd_log_lambda.zip")
 
   runtime     = "python2.7"
   memory_size = "1024"

logshipping_cloudtrail.tf

@@ -1,21 +1,20 @@
-
 # Make lambda function accept invokes from S3
 resource "aws_lambda_permission" "allow-ctbucket-trigger" {
-  count         = "${var.cloudtrail_bucket_id != "" ? 1 : 0}"
+  count         = var.cloudtrail_bucket_id != "" ? 1 : 0
   statement_id  = "AllowExecutionFromCTBucket"
   action        = "lambda:InvokeFunction"
-  function_name = "${aws_lambda_function.dd-log.arn}"
+  function_name = aws_lambda_function.dd-log.arn
   principal     = "s3.amazonaws.com"
-  source_arn    = "${var.cloudtrail_bucket_arn}"
+  source_arn    = var.cloudtrail_bucket_arn
 }
 
 # Tell S3 bucket to invoke DD lambda once an object is created/modified
 resource "aws_s3_bucket_notification" "ctbucket-notification-dd-log" {
-  count  = "${var.cloudtrail_bucket_id != "" ? 1 : 0}"
-  bucket = "${var.cloudtrail_bucket_id}"
+  count  = var.cloudtrail_bucket_id != "" ? 1 : 0
+  bucket = var.cloudtrail_bucket_id
 
   lambda_function {
-    lambda_function_arn = "${aws_lambda_function.dd-log.arn}"
+    lambda_function_arn = aws_lambda_function.dd-log.arn
     events              = ["s3:ObjectCreated:*"]
   }
 }

logshipping_elb.tf

@@ -1,10 +1,9 @@
-
 # Make lambda function accept invokes from S3
 resource "aws_lambda_permission" "allow-elblog-trigger" {
   count         = var.create_elb_logs_bucket ? 1 : 0
   statement_id  = "AllowExecutionFromELBLogBucket"
   action        = "lambda:InvokeFunction"
-  function_name = "${aws_lambda_function.dd-log.arn}"
+  function_name = aws_lambda_function.dd-log.arn
   principal     = "s3.amazonaws.com"
   source_arn    = aws_s3_bucket.elb_logs[0].arn
 }
@@ -15,7 +14,7 @@ resource "aws_s3_bucket_notification" "elblog-notification-dd-log" {
   bucket = aws_s3_bucket.elb_logs[0].id
 
   lambda_function {
-    lambda_function_arn = "${aws_lambda_function.dd-log.arn}"
+    lambda_function_arn = aws_lambda_function.dd-log.arn
     events              = ["s3:ObjectCreated:*"]
   }
 }
@@ -83,4 +82,3 @@ POLICY
     }
   }
 }
-

main.tf

@@ -128,6 +128,6 @@ EOF
 
 resource "aws_iam_role_policy_attachment" "datadog-core-attach" {
   count      = var.enable_datadog_aws_integration ? 1 : 0
-  role       = "${aws_iam_role.datadog-integration[0].name}"
-  policy_arn = "${aws_iam_policy.datadog-core[0].arn}"
+  role       = aws_iam_role.datadog-integration[0].name
+  policy_arn = aws_iam_policy.datadog-core[0].arn
 }

vars.tf

@@ -59,6 +59,6 @@ variable "elb_logs_bucket_prefix" {
 }
 variable "log_exclude_at_match" {
   description = "Sets EXCLUDE_AT_MATCH environment variable, which allows excluding unwanted log lines"
-  type        = "string"
+  type        = string
   default     = "$x^" # <- never matches anything
 }