terraform, aws: refactor iam policy indentation

consideRatio · Apr 19, 2024 · 08f70ce · 08f70ce
1 parent a59ff1d
commit 08f70ce
Show file tree

Hide file tree

Showing 5 changed files with 273 additions and 273 deletions.
diff --git a/terraform/aws/projects/jupyter-meets-the-earth.tfvars b/terraform/aws/projects/jupyter-meets-the-earth.tfvars
@@ -21,17 +21,17 @@ hub_cloud_permissions = {
       # FIXME: Previously, users were granted full S3 permissions.
       # Keep it the same for now
       extra_iam_policy : <<-EOT
-{
-  "Version": "2012-10-17",
-  "Statement": [       
-    {
-        "Effect": "Allow",           
-        "Action": ["s3:*"],           
-        "Resource": ["arn:aws:s3:::*"]
-    }
-  ]
-}
-EOT
+        {
+          "Version": "2012-10-17",
+          "Statement": [
+            {
+              "Effect": "Allow",
+              "Action": ["s3:*"],
+              "Resource": ["arn:aws:s3:::*"]
+            }
+          ]
+        }
+      EOT
     },
   },
   "prod" : {
@@ -40,17 +40,17 @@ EOT
       # FIXME: Previously, users were granted full S3 permissions.
       # Keep it the same for now
       extra_iam_policy : <<-EOT
-{
-  "Version": "2012-10-17",
-  "Statement": [       
-    {
-        "Effect": "Allow",           
-        "Action": ["s3:*"],           
-        "Resource": ["arn:aws:s3:::*"]
-    }
-  ]
-}
-EOT
+        {
+          "Version": "2012-10-17",
+          "Statement": [
+            {
+              "Effect": "Allow",
+              "Action": ["s3:*"],
+              "Resource": ["arn:aws:s3:::*"]
+            }
+          ]
+        }
+      EOT
     },
   },
 }
diff --git a/terraform/aws/projects/nasa-cryo.tfvars b/terraform/aws/projects/nasa-cryo.tfvars
@@ -54,7 +54,7 @@ hub_cloud_permissions = {
               }
           ]
         }
-    EOT
+      EOT
     },
   },
   "prod" : {
@@ -90,7 +90,7 @@ hub_cloud_permissions = {
               }
           ]
         }
-    EOT
+      EOT
     },
   },
 }
diff --git a/terraform/aws/projects/nasa-esdis.tfvars b/terraform/aws/projects/nasa-esdis.tfvars
@@ -25,62 +25,62 @@ hub_cloud_permissions = {
     "user-sa" : {
       bucket_admin_access : ["scratch"],
       extra_iam_policy : <<-EOT
-      {
+        {
           "Version": "2012-10-17",
           "Statement": [
-              {
-                  "Effect": "Allow",
-                  "Action": [
-                      "s3:PutObject",
-                      "s3:GetObject",
-                      "s3:ListBucketMultipartUploads",
-                      "s3:AbortMultipartUpload",
-                      "s3:ListBucketVersions",
-                      "s3:CreateBucket",
-                      "s3:ListBucket",
-                      "s3:DeleteObject",
-                      "s3:GetBucketLocation",
-                      "s3:ListMultipartUploadParts"
-                  ],
-                  "Resource": [
-                      "arn:aws:s3:::veda-data-store-staging",
-                      "arn:aws:s3:::veda-data-store-staging/*",
-                      "arn:aws:s3:::veda-nex-gddp-cmip6-public",
-                      "arn:aws:s3:::veda-nex-gddp-cmip6-public/*",
-                      "arn:aws:s3:::cmip6-staging",
-                      "arn:aws:s3:::cmip6-staging/*",
-                      "arn:aws:s3:::lp-prod-protected",
-                      "arn:aws:s3:::lp-prod-protected/*",
-                      "arn:aws:s3:::gesdisc-cumulus-prod-protected",
-                      "arn:aws:s3:::gesdisc-cumulus-prod-protected/*",
-                      "arn:aws:s3:::nsidc-cumulus-prod-protected",
-                      "arn:aws:s3:::nsidc-cumulus-prod-protected/*",
-                      "arn:aws:s3:::ornl-cumulus-prod-protected",
-                      "arn:aws:s3:::ornl-cumulus-prod-protected/*",
-                      "arn:aws:s3:::pangeo-forge-veda-output",
-                      "arn:aws:s3:::pangeo-forge-veda-output/*",
-                      "arn:aws:s3:::podaac-ops-cumulus-public",
-                      "arn:aws:s3:::podaac-ops-cumulus-public/*",
-                      "arn:aws:s3:::podaac-ops-cumulus-protected",
-                      "arn:aws:s3:::podaac-ops-cumulus-protected/*",
-                      "arn:aws:s3:::maap-ops-workspace",
-                      "arn:aws:s3:::maap-ops-workspace/*",
-                      "arn:aws:s3:::nasa-maap-data-store",
-                      "arn:aws:s3:::nasa-maap-data-store/*",
-                      "arn:aws:s3:::grss-veda-data-store",
-                      "arn:aws:s3:::grss-veda-data-store/*",
-                      "arn:aws:s3:::sentinel-cogs",
-                      "arn:aws:s3:::sentinel-cogs/*"
-                  ]
-              },
-              {
-                  "Effect": "Allow",
-                  "Action": "s3:ListAllMyBuckets",
-                  "Resource": "*"
-              }
+            {
+              "Effect": "Allow",
+              "Action": [
+                "s3:PutObject",
+                "s3:GetObject",
+                "s3:ListBucketMultipartUploads",
+                "s3:AbortMultipartUpload",
+                "s3:ListBucketVersions",
+                "s3:CreateBucket",
+                "s3:ListBucket",
+                "s3:DeleteObject",
+                "s3:GetBucketLocation",
+                "s3:ListMultipartUploadParts"
+              ],
+              "Resource": [
+                "arn:aws:s3:::veda-data-store-staging",
+                "arn:aws:s3:::veda-data-store-staging/*",
+                "arn:aws:s3:::veda-nex-gddp-cmip6-public",
+                "arn:aws:s3:::veda-nex-gddp-cmip6-public/*",
+                "arn:aws:s3:::cmip6-staging",
+                "arn:aws:s3:::cmip6-staging/*",
+                "arn:aws:s3:::lp-prod-protected",
+                "arn:aws:s3:::lp-prod-protected/*",
+                "arn:aws:s3:::gesdisc-cumulus-prod-protected",
+                "arn:aws:s3:::gesdisc-cumulus-prod-protected/*",
+                "arn:aws:s3:::nsidc-cumulus-prod-protected",
+                "arn:aws:s3:::nsidc-cumulus-prod-protected/*",
+                "arn:aws:s3:::ornl-cumulus-prod-protected",
+                "arn:aws:s3:::ornl-cumulus-prod-protected/*",
+                "arn:aws:s3:::pangeo-forge-veda-output",
+                "arn:aws:s3:::pangeo-forge-veda-output/*",
+                "arn:aws:s3:::podaac-ops-cumulus-public",
+                "arn:aws:s3:::podaac-ops-cumulus-public/*",
+                "arn:aws:s3:::podaac-ops-cumulus-protected",
+                "arn:aws:s3:::podaac-ops-cumulus-protected/*",
+                "arn:aws:s3:::maap-ops-workspace",
+                "arn:aws:s3:::maap-ops-workspace/*",
+                "arn:aws:s3:::nasa-maap-data-store",
+                "arn:aws:s3:::nasa-maap-data-store/*",
+                "arn:aws:s3:::grss-veda-data-store",
+                "arn:aws:s3:::grss-veda-data-store/*",
+                "arn:aws:s3:::sentinel-cogs",
+                "arn:aws:s3:::sentinel-cogs/*"
+              ]
+            },
+            {
+              "Effect": "Allow",
+              "Action": "s3:ListAllMyBuckets",
+              "Resource": "*"
+            }
           ]
-      }
-    EOT
+        }
+      EOT
     },
   },
 }
diff --git a/terraform/aws/projects/nasa-ghg.tfvars b/terraform/aws/projects/nasa-ghg.tfvars
@@ -19,106 +19,106 @@ hub_cloud_permissions = {
     "user-sa" : {
       bucket_admin_access : ["scratch-staging"],
       extra_iam_policy : <<-EOT
-      {
+        {
           "Version": "2012-10-17",
           "Statement": [
-              {
-                  "Effect": "Allow",
-                  "Action": [
-                      "s3:PutObject",
-                      "s3:GetObject",
-                      "s3:ListBucketMultipartUploads",
-                      "s3:AbortMultipartUpload",
-                      "s3:ListBucketVersions",
-                      "s3:ListBucket",
-                      "s3:DeleteObject",
-                      "s3:GetBucketLocation",
-                      "s3:ListMultipartUploadParts"
-                  ],
-                  "Resource": [
-                      "arn:aws:s3:::ghgc-data-staging",
-                      "arn:aws:s3:::ghgc-data-staging/*",
-                      "arn:aws:s3:::ghgc-data-store-dev",
-                      "arn:aws:s3:::ghgc-data-store-dev/*",
-                      "arn:aws:s3:::ghgc-data-store",
-                      "arn:aws:s3:::ghgc-data-store/*",
-                      "arn:aws:s3:::ghgc-data-store-staging",
-                      "arn:aws:s3:::ghgc-data-store-staging/*",
-                      "arn:aws:s3:::veda-data-store-staging",
-                      "arn:aws:s3:::veda-data-store-staging/*",
-                      "arn:aws:s3:::lp-prod-protected",
-                      "arn:aws:s3:::lp-prod-protected/*",
-                      "arn:aws:s3:::gesdisc-cumulus-prod-protected",
-                      "arn:aws:s3:::gesdisc-cumulus-prod-protected/*",
-                      "arn:aws:s3:::nsidc-cumulus-prod-protected",
-                      "arn:aws:s3:::nsidc-cumulus-prod-protected/*",
-                      "arn:aws:s3:::ornl-cumulus-prod-protected",
-                      "arn:aws:s3:::ornl-cumulus-prod-protected/*",
-                      "arn:aws:s3:::podaac-ops-cumulus-public",
-                      "arn:aws:s3:::podaac-ops-cumulus-public/*",
-                      "arn:aws:s3:::podaac-ops-cumulus-protected",
-                      "arn:aws:s3:::podaac-ops-cumulus-protected/*"
-                  ]
-              },
-              {
-                  "Effect": "Allow",
-                  "Action": "s3:ListAllMyBuckets",
-                  "Resource": "*"
-              }
+            {
+              "Effect": "Allow",
+              "Action": [
+                "s3:PutObject",
+                "s3:GetObject",
+                "s3:ListBucketMultipartUploads",
+                "s3:AbortMultipartUpload",
+                "s3:ListBucketVersions",
+                "s3:ListBucket",
+                "s3:DeleteObject",
+                "s3:GetBucketLocation",
+                "s3:ListMultipartUploadParts"
+              ],
+              "Resource": [
+                "arn:aws:s3:::ghgc-data-staging",
+                "arn:aws:s3:::ghgc-data-staging/*",
+                "arn:aws:s3:::ghgc-data-store-dev",
+                "arn:aws:s3:::ghgc-data-store-dev/*",
+                "arn:aws:s3:::ghgc-data-store",
+                "arn:aws:s3:::ghgc-data-store/*",
+                "arn:aws:s3:::ghgc-data-store-staging",
+                "arn:aws:s3:::ghgc-data-store-staging/*",
+                "arn:aws:s3:::veda-data-store-staging",
+                "arn:aws:s3:::veda-data-store-staging/*",
+                "arn:aws:s3:::lp-prod-protected",
+                "arn:aws:s3:::lp-prod-protected/*",
+                "arn:aws:s3:::gesdisc-cumulus-prod-protected",
+                "arn:aws:s3:::gesdisc-cumulus-prod-protected/*",
+                "arn:aws:s3:::nsidc-cumulus-prod-protected",
+                "arn:aws:s3:::nsidc-cumulus-prod-protected/*",
+                "arn:aws:s3:::ornl-cumulus-prod-protected",
+                "arn:aws:s3:::ornl-cumulus-prod-protected/*",
+                "arn:aws:s3:::podaac-ops-cumulus-public",
+                "arn:aws:s3:::podaac-ops-cumulus-public/*",
+                "arn:aws:s3:::podaac-ops-cumulus-protected",
+                "arn:aws:s3:::podaac-ops-cumulus-protected/*"
+              ]
+            },
+            {
+              "Effect": "Allow",
+              "Action": "s3:ListAllMyBuckets",
+              "Resource": "*"
+            }
           ]
-      }
-    EOT
+        }
+      EOT
     },
   },
   "prod" : {
     "user-sa" : {
       bucket_admin_access : ["scratch"],
       extra_iam_policy : <<-EOT
-      {
+        {
           "Version": "2012-10-17",
           "Statement": [
-              {
-                  "Effect": "Allow",
-                  "Action": [
-                      "s3:PutObject",
-                      "s3:GetObject",
-                      "s3:ListBucketMultipartUploads",
-                      "s3:AbortMultipartUpload",
-                      "s3:ListBucketVersions",
-                      "s3:ListBucket",
-                      "s3:DeleteObject",
-                      "s3:GetBucketLocation",
-                      "s3:ListMultipartUploadParts"
-                  ],
-                  "Resource": [
-                      "arn:aws:s3:::ghgc-data-staging",
-                      "arn:aws:s3:::ghgc-data-staging/*",
-                      "arn:aws:s3:::ghgc-data-store-dev",
-                      "arn:aws:s3:::ghgc-data-store-dev/*",
-                      "arn:aws:s3:::ghgc-data-store",
-                      "arn:aws:s3:::ghgc-data-store/*",
-                      "arn:aws:s3:::ghgc-data-store-staging",
-                      "arn:aws:s3:::ghgc-data-store-staging/*",
-                      "arn:aws:s3:::veda-data-store-staging",
-                      "arn:aws:s3:::veda-data-store-staging/*",
-                      "arn:aws:s3:::lp-prod-protected",
-                      "arn:aws:s3:::lp-prod-protected/*",
-                      "arn:aws:s3:::gesdisc-cumulus-prod-protected",
-                      "arn:aws:s3:::gesdisc-cumulus-prod-protected/*",
-                      "arn:aws:s3:::nsidc-cumulus-prod-protected",
-                      "arn:aws:s3:::nsidc-cumulus-prod-protected/*",
-                      "arn:aws:s3:::ornl-cumulus-prod-protected",
-                      "arn:aws:s3:::ornl-cumulus-prod-protected/*"
-                  ]
-              },
-              {
-                  "Effect": "Allow",
-                  "Action": "s3:ListAllMyBuckets",
-                  "Resource": "*"
-              }
+            {
+              "Effect": "Allow",
+              "Action": [
+                "s3:PutObject",
+                "s3:GetObject",
+                "s3:ListBucketMultipartUploads",
+                "s3:AbortMultipartUpload",
+                "s3:ListBucketVersions",
+                "s3:ListBucket",
+                "s3:DeleteObject",
+                "s3:GetBucketLocation",
+                "s3:ListMultipartUploadParts"
+              ],
+              "Resource": [
+                "arn:aws:s3:::ghgc-data-staging",
+                "arn:aws:s3:::ghgc-data-staging/*",
+                "arn:aws:s3:::ghgc-data-store-dev",
+                "arn:aws:s3:::ghgc-data-store-dev/*",
+                "arn:aws:s3:::ghgc-data-store",
+                "arn:aws:s3:::ghgc-data-store/*",
+                "arn:aws:s3:::ghgc-data-store-staging",
+                "arn:aws:s3:::ghgc-data-store-staging/*",
+                "arn:aws:s3:::veda-data-store-staging",
+                "arn:aws:s3:::veda-data-store-staging/*",
+                "arn:aws:s3:::lp-prod-protected",
+                "arn:aws:s3:::lp-prod-protected/*",
+                "arn:aws:s3:::gesdisc-cumulus-prod-protected",
+                "arn:aws:s3:::gesdisc-cumulus-prod-protected/*",
+                "arn:aws:s3:::nsidc-cumulus-prod-protected",
+                "arn:aws:s3:::nsidc-cumulus-prod-protected/*",
+                "arn:aws:s3:::ornl-cumulus-prod-protected",
+                "arn:aws:s3:::ornl-cumulus-prod-protected/*"
+              ]
+            },
+            {
+              "Effect": "Allow",
+              "Action": "s3:ListAllMyBuckets",
+              "Resource": "*"
+            }
           ]
-      }
-    EOT
+        }
+      EOT
     },
   },
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -54,7 +54,7 @@ hub_cloud_permissions = { @@
                   }
               ]
             }
-        EOT
+          EOT
         },
       },
       "prod" : {
@@ Expand Down Expand Up / @@ -90,7 +90,7 @@ hub_cloud_permissions = { @@
                   }
               ]
             }
-        EOT
+          EOT
         },
       },
     }