From 4b752c6db24bda5f0e7155d357199799d3c8793c Mon Sep 17 00:00:00 2001 From: Chastity Blackwell Date: Tue, 17 Sep 2019 10:43:32 -0700 Subject: [PATCH 1/2] First pass at updating for tf12 --- .pre-commit-config.yaml | 3 +-- README.md | 8 ++++--- main.tf | 48 ++++++++++++++++++++--------------------- 3 files changed, 30 insertions(+), 29 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 8d31e32..52a4c89 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -17,8 +17,7 @@ repos: - id: markdownlint - repo: git://github.com/antonbabenko/pre-commit-terraform - rev: v1.12.0 + rev: v1.19.0 hooks: - id: terraform_docs - id: terraform_fmt - - id: terraform_validate_no_variables diff --git a/README.md b/README.md index fb2e969..528ed6e 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ - + Creates a lambda function with associated role and policies, which will log to Cloudwatch Logs. @@ -27,17 +27,19 @@ module "my_lambda_function" { source_types = ["events"] source_arns = ["${aws_cloudwatch_event_rule.trigger.arn}"] - env_vars { + env_vars = { VARNAME = "value" } - tags { + tags = { "Service" = "big_app" } } ``` + + ## Inputs | Name | Description | Type | Default | Required | diff --git a/main.tf b/main.tf index bd1a051..cc127d6 100644 --- a/main.tf +++ b/main.tf @@ -27,11 +27,11 @@ * source_types = ["events"] * source_arns = ["${aws_cloudwatch_event_rule.trigger.arn}"] * - * env_vars { + * env_vars = { * VARNAME = "value" * } * - * tags { + * tags = { * "Service" = "big_app" * } * 
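Review bot: The bumped `rev: v1.19.0` in `.pre-commit-config.yaml` is still a mutable tag, and the hook repository on the line above it is still fetched over `git://`, which gives no transport authentication or integrity for code that runs on every developer machine. I would change the URL to `repo: https://github.com/antonbabenko/pre-commit-terraform` and pin `rev: <COMMIT_SHA_OF_v1.19.0>` with the tag kept in a trailing comment. The same pinning concern applies to the `.circleci/config.yml` hunk in patch 2/2, where the image moves to a `tf12-…` tag: appending `@sha256:<IMAGE_DIGEST>` would make that reference immutable. Removing `terraform_validate_no_variables` also leaves no validate hook in this file, so it is worth confirming that validation still runs somewhere, for example via `- id: terraform_validate`.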
@@ -78,15 +78,15 @@ data "aws_iam_policy_document" "logs_policy_doc" { # Create the IAM role for the Lambda instance. resource "aws_iam_role" "main" { name = "lambda-${local.full_name}" - assume_role_policy = "${data.aws_iam_policy_document.assume_role.json}" + assume_role_policy = data.aws_iam_policy_document.assume_role.json } # Attach the logging policy to the above IAM role. resource "aws_iam_role_policy" "main" { name = "lambda-${local.full_name}" - role = "${aws_iam_role.main.id}" + role = aws_iam_role.main.id - policy = "${data.aws_iam_policy_document.logs_policy_doc.json}" + policy = data.aws_iam_policy_document.logs_policy_doc.json } # This code verifies that the count of policy ARNs matches the actual 
@@ -105,50 +105,50 @@ SH # Rerun this script if the input values change. triggers = { role_policy_arns_count_computed = "${length(var.role_policy_arns)}" - role_policy_arns_count_provided = "${var.role_policy_arns_count}" + role_policy_arns_count_provided = var.role_policy_arns_count } } # Attach user-provided policies to role defined above. resource "aws_iam_role_policy_attachment" "user_policy_attach" { - count = "${var.role_policy_arns_count}" - role = "${aws_iam_role.main.name}" + count = var.role_policy_arns_count + role = aws_iam_role.main.name policy_arn = "${var.role_policy_arns[count.index]}" } # Cloudwatch Logs resource "aws_cloudwatch_log_group" "main" { name = "/aws/lambda/${local.full_name}" - retention_in_days = "${var.cloudwatch_logs_retention_days}" + retention_in_days = var.cloudwatch_logs_retention_days tags = { - Name = "${local.full_name}" + Name = local.full_name } } # Lambda function resource "aws_lambda_function" "main" { - depends_on = ["aws_cloudwatch_log_group.main"] + depends_on = [aws_cloudwatch_log_group.main] - s3_bucket = "${var.s3_bucket}" - s3_key = "${var.s3_key}" + s3_bucket = var.s3_bucket + s3_key = var.s3_key - function_name = "${local.full_name}" - role = "${aws_iam_role.main.arn}" - handler = "${var.name}" - runtime = "${var.runtime}" - memory_size = "${var.memory_size}" - timeout = "${var.timeout}" + function_name = local.full_name + role = aws_iam_role.main.arn + handler = var.name + runtime = var.runtime + memory_size = var.memory_size + timeout = var.timeout environment { - variables = "${var.env_vars}" + variables = var.env_vars } - tags = "${var.tags}" + tags = var.tags vpc_config { - subnet_ids = ["${var.subnet_ids}"] - security_group_ids = ["${var.security_group_ids}"] + subnet_ids = var.subnet_ids + security_group_ids = var.security_group_ids } } 
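Review bot: The conversion is incomplete in this hunk: `role_policy_arns_count_computed = "${length(var.role_policy_arns)}"` and `policy_arn = "${var.role_policy_arns[count.index]}"` keep the interpolation-only wrapper that every neighbouring line drops. For consistency they should read `role_policy_arns_count_computed = length(var.role_policy_arns)` and `policy_arn = var.role_policy_arns[count.index]`. The same leftover is in the `aws_lambda_permission` hunk at `source_arn = "${var.source_arns[count.index]}"`. Separately, `subnet_ids = var.subnet_ids` and `security_group_ids = var.security_group_ids` now pass the variables through unwrapped, and no variables file is touched in this patch, so confirm both are declared as list types; otherwise a caller passing a single string will fail at plan time.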
@@ -159,7 +159,7 @@ resource "aws_lambda_permission" "allow_source" { statement_id = "AllowExecutionForLambda-${var.source_types[count.index]}" action = "lambda:InvokeFunction" - function_name = "${aws_lambda_function.main.function_name}" + function_name = aws_lambda_function.main.function_name principal = "${var.source_types[count.index]}.amazonaws.com" source_arn = "${var.source_arns[count.index]}" From bcd707482874497cc1721d1dd97262925b9f25d4 Mon Sep 17 00:00:00 2001 From: Chastity Blackwell Date: Wed, 18 Sep 2019 10:14:38 -0700 Subject: [PATCH 2/2] Updating circleci config to use tf12 image --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 73c8a10..bcf6843 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,7 +2,7 @@ version: 2 jobs: validate: docker: - - image: trussworks/circleci-docker-primary:a18ba9987556eec2e48354848a3c9fb4d5b69ac8 + - image: trussworks/circleci-docker-primary:tf12-0ccfce37a5c2feb87590f0161ec186354c25ac83 steps: - checkout - restore_cache:
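Review bot: The `aws_lambda_permission.allow_source` grant visible here is scoped by `source_arn` alone, and the resource body starts and ends outside the hunk, so a `source_account` argument may exist out of view. If it does not, and `s3` can appear in `var.source_types`, the grant is weaker than it looks, because a bucket ARN carries no account ID and a same-named bucket recreated in another account would still match. I would add an optional input and set `source_account = var.source_account` (a new variable, not present on this page) for that case. A short comment above `principal` noting that `source_types` holds AWS service prefixes such as `events` would also help readers see what is being trusted.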