feat: Added new S3 bucket policy statement for latest regions (#218)

Author: antonbabenko

examples/complete/main.tf

@@ -2,7 +2,6 @@ provider "aws" {
   region = local.region
 
   # Make it faster by skipping something
-  skip_get_ec2_platforms      = true
   skip_metadata_api_check     = true
   skip_region_validation      = true
   skip_credentials_validation = true

main.tf

@@ -531,6 +531,7 @@ data "aws_elb_service_account" "this" {
 data "aws_iam_policy_document" "elb_log_delivery" {
   count = local.create_bucket && var.attach_elb_log_delivery_policy ? 1 : 0
 
+  # Policy for AWS Regions created before August 2022 (e.g. US East (N. Virginia), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Ireland))
   statement {
     sid = ""
 
@@ -549,6 +550,26 @@ data "aws_iam_policy_document" "elb_log_delivery" {
       "${aws_s3_bucket.this[0].arn}/*",
     ]
   }
+
+  # Policy for AWS Regions created after August 2022 (e.g. Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Europe (Spain), Europe (Zurich), Middle East (UAE))
+  statement {
+    sid = ""
+
+    principals {
+      type        = "Service"
+      identifiers = ["logdelivery.elasticloadbalancing.amazonaws.com"]
+    }
+
+    effect = "Allow"
+
+    actions = [
+      "s3:PutObject",
+    ]
+
+    resources = [
+      "${aws_s3_bucket.this[0].arn}/*",
+    ]
+  }
 }
 
 # ALB/NLB