rexroof/tf_kinesis_iam_error

## tf_kinesis_iam_error
provider "aws" {
  region = "us-east-1"
}

data "aws_region" "current" { }
variable "stream_name" { default = "testing_example" }

resource "random_string" "rand" {
  length = 16
  special = false
}

resource "aws_kinesis_stream" "stream" {
  name             = "${var.stream_name}"
  shard_count      = 1
  retention_period = 24
}

resource "aws_s3_bucket" "bucket" {
  bucket = "${var.stream_name}-${random_string.rand.result}-${data.aws_region.current.name}"
  acl    = "private"
}

resource "aws_iam_role" "firehose-role" {
  name               = "${var.stream_name}_firehose"
  assume_role_policy = <<EOF
{ "Version": "2012-10-17",
  "Statement": [ {
  "Action": "sts:AssumeRole",
  "Principal": { "Service": "firehose.amazonaws.com" },
  "Effect": "Allow",
  "Sid": "" } ]
}
EOF
}

resource "aws_iam_role_policy" "inline-policy" {
  name   = "${var.stream_name}_firehose_inline_policy"
  role   = "${aws_iam_role.firehose-role.id}"
  policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:AbortMultipartUpload",
        "s3:GetBucketLocation",
        "s3:GetObject",
        "s3:ListBucket",
        "s3:ListBucketMultipartUploads",
        "s3:PutObject"
      ],
      "Resource": [
        "${aws_s3_bucket.bucket.arn}",
        "${aws_s3_bucket.bucket.arn}/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "kinesis:DescribeStream",
        "kinesis:GetShardIterator",
        "kinesis:GetRecords"
      ],
      "Resource": "${aws_kinesis_stream.stream.arn}"
    }
  ]
}
EOF
}

resource "aws_kinesis_firehose_delivery_stream" "fh_stream" {
  name        = "${var.stream_name}_firehose"
  destination = "extended_s3"

  kinesis_source_configuration {
    kinesis_stream_arn = "${aws_kinesis_stream.stream.arn}"
    role_arn           = "${aws_iam_role.firehose-role.arn}"
  }

  extended_s3_configuration {
    role_arn        = "${aws_iam_role.firehose-role.arn}"
    bucket_arn      = "${aws_s3_bucket.bucket.arn}"
    buffer_size     = 1
    buffer_interval = 60
  }
}
	provider "aws" {
	region = "us-east-1"
	}

	data "aws_region" "current" { }
	variable "stream_name" { default = "testing_example" }

	resource "random_string" "rand" {
	length = 16
	special = false
	}

	resource "aws_kinesis_stream" "stream" {
	name = "${var.stream_name}"
	shard_count = 1
	retention_period = 24
	}

	resource "aws_s3_bucket" "bucket" {
	bucket = "${var.stream_name}-${random_string.rand.result}-${data.aws_region.current.name}"
	acl = "private"
	}

	resource "aws_iam_role" "firehose-role" {
	name = "${var.stream_name}_firehose"
	assume_role_policy = <<EOF
	{ "Version": "2012-10-17",
	"Statement": [ {
	"Action": "sts:AssumeRole",
	"Principal": { "Service": "firehose.amazonaws.com" },
	"Effect": "Allow",
	"Sid": "" } ]
	}
	EOF
	}

	resource "aws_iam_role_policy" "inline-policy" {
	name = "${var.stream_name}_firehose_inline_policy"
	role = "${aws_iam_role.firehose-role.id}"
	policy = <<EOF
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Effect": "Allow",
	"Action": [
	"s3:AbortMultipartUpload",
	"s3:GetBucketLocation",
	"s3:GetObject",
	"s3:ListBucket",
	"s3:ListBucketMultipartUploads",
	"s3:PutObject"
	],
	"Resource": [
	"${aws_s3_bucket.bucket.arn}",
	"${aws_s3_bucket.bucket.arn}/*"
	]
	},
	{
	"Effect": "Allow",
	"Action": [
	"kinesis:DescribeStream",
	"kinesis:GetShardIterator",
	"kinesis:GetRecords"
	],
	"Resource": "${aws_kinesis_stream.stream.arn}"
	}
	]
	}
	EOF
	}

	resource "aws_kinesis_firehose_delivery_stream" "fh_stream" {
	name = "${var.stream_name}_firehose"
	destination = "extended_s3"

	kinesis_source_configuration {
	kinesis_stream_arn = "${aws_kinesis_stream.stream.arn}"
	role_arn = "${aws_iam_role.firehose-role.arn}"
	}

	extended_s3_configuration {
	role_arn = "${aws_iam_role.firehose-role.arn}"
	bucket_arn = "${aws_s3_bucket.bucket.arn}"
	buffer_size = 1
	buffer_interval = 60
	}
	}