terraform-aws-modules / terraform-aws-s3-bucket

Terraform module to create AWS S3 resources 🇺🇦

Home Page: https://registry.terraform.io/modules/terraform-aws-modules/s3-bucket/aws


Version 3.8.2 breaks compatibility with AWS govcloud

mschlachter-via opened this issue · comments

Description

Version 3.8.2 breaks compatibility with AWS GovCloud due to hardcoding aws in the ARN at 3c094b3#diff-dc46acf24afd63ef8c556b77c126ccc6e578bc87e3aa09a931f33d9bf2532fbbR574

GovCloud ARNs take the form arn:aws-us-gov:iam::123123123123:root; forcing the format to match arn:aws:iam::123123123123:root as in the linked code above doesn't allow use with AWS GovCloud.

  • [☑] ✋ I have searched the open/closed issues and my issue is not listed.

⚠️ Note

Before you submit an issue, please perform the following first:

  1. Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
  2. Re-initialize the project root to pull down modules: terraform init
  3. Re-attempt your terraform plan or apply and check if the issue still persists

Versions

  • Module version [Required]: 3.8.2

  • Terraform version: 1.3.7

  • Provider version(s):

Reproduction Code [Required]

module "elb_log_bucket" {
  source                         = "terraform-aws-modules/s3-bucket/aws"
  version                        = "3.8.2"
  bucket                         = "bucket-elb-logs"
  acl                            = "log-delivery-write"
  force_destroy                  = true
  attach_elb_log_delivery_policy = true
}

Steps to reproduce the behavior:

Use the module in an AWS GovCloud environment

Expected behavior

Module builds correctly and is able to succeed with a terraform apply

Actual behavior

terraform apply throws error "Error putting S3 policy: MalformedPolicy: Invalid principal in policy"

Additional notes

Version 3.8.1 of the module works as expected

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

This issue has been resolved in version 3.9.0 🎉
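
The failure reported above comes from a principal ARN whose partition is fixed to aws. The following is an added example, not the module's own code and not necessarily how 3.9.0 fixed it: it builds the ELB log delivery principal and the bucket ARN from the aws_partition data source, so the same configuration yields arn:aws-us-gov:... in GovCloud. The data source labels, local names, statement sid and output name are assumptions chosen for illustration; the bucket name is taken from the reproduction code.

```hcl
# Added example: names below are hypothetical, not taken from the module.

# Partition of the provider's current region: "aws", "aws-us-gov" or "aws-cn".
data "aws_partition" "current" {}

# Account that Elastic Load Balancing uses to deliver access logs in this region.
data "aws_elb_service_account" "this" {}

locals {
  bucket_name = "bucket-elb-logs" # bucket name from the reproduction code

  # Hardcoded partition, kept only for comparison. In GovCloud this principal
  # does not exist, and putting the policy fails with the error in this issue:
  # "MalformedPolicy: Invalid principal in policy".
  elb_principal_hardcoded = "arn:aws:iam::${data.aws_elb_service_account.this.id}:root"

  # Partition-aware form: resolves to arn:aws-us-gov:iam::<account>:root in
  # GovCloud and to arn:aws:iam::<account>:root in commercial regions.
  elb_principal = "arn:${data.aws_partition.current.partition}:iam::${data.aws_elb_service_account.this.id}:root"

  # Resource ARNs carry the partition too, so build them the same way.
  bucket_arn = "arn:${data.aws_partition.current.partition}:s3:::${local.bucket_name}"
}

data "aws_iam_policy_document" "elb_log_delivery" {
  statement {
    sid       = "AllowELBLogDelivery"
    effect    = "Allow"
    actions   = ["s3:PutObject"]
    resources = ["${local.bucket_arn}/*"]

    principals {
      type        = "AWS"
      identifiers = [local.elb_principal]
    }
  }
}

# Inspect with `terraform plan` before attaching: the Principal and Resource
# values should both start with the partition of the target environment.
output "elb_log_delivery_policy_json" {
  value = data.aws_iam_policy_document.elb_log_delivery.json
}
```

The aws_elb_service_account data source also exposes an arn attribute, which avoids assembling the principal string by hand.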