Merge pull request #17 from toluna-terraform/eventbridge-trigger

fix pipeline trigger

Author: Eli-Meitner

modules/ci-cd-codepipeline/data.tf

@@ -15,7 +15,7 @@ data "aws_iam_policy_document" "codepipeline_assume_role_policy" {
     actions = ["sts:AssumeRole"]
     principals {
       type        = "Service"
-      identifiers = ["codepipeline.amazonaws.com", "codedeploy.amazonaws.com", "events.amazonaws.com", "cloudtrail.amazonaws.com"]
+      identifiers = ["codepipeline.amazonaws.com", "codedeploy.amazonaws.com", "events.amazonaws.com"]
     }
   }
 }
@@ -37,12 +37,6 @@ data "aws_iam_policy_document" "codepipeline_role_policy" {
     ]
     resources = ["*"]
   }
-  statement {
-    actions = [
-      "logs:*",
-    ]
-    resources = ["*"]
-  }
   statement {
     actions   = ["codestar-connections:UseConnection"]
     resources = ["*"]

modules/ci-cd-codepipeline/main.tf

@@ -161,23 +161,3 @@ resource "aws_cloudwatch_event_target" "trigger_pipeline" {
   arn       = aws_codepipeline.codepipeline.arn
   role_arn = aws_iam_role.codepipeline_role.arn
 }
-
-resource "aws_cloudwatch_log_group" "trigger_pipeline" {
-  name = "${local.codepipeline_name}-cloud-trail"
-  retention_in_days = 3
-}
-
-resource "aws_cloudtrail" "trigger_pipeline" {
-  name = "${local.codepipeline_name}-cloud-trail"
-  s3_bucket_name = "${var.s3_bucket}"
-  cloud_watch_logs_group_arn = "${aws_cloudwatch_log_group.trigger_pipeline.arn}:*"
-  cloud_watch_logs_role_arn  = aws_iam_role.codepipeline_role.arn
-  event_selector {
-    read_write_type           = "WriteOnly"
-    include_management_events = false
-    data_resource {
-      type   = "AWS::S3::Object"
-      values = ["arn:aws:s3:::${var.s3_bucket}/${var.env_name}/source_artifacts.zip"]
-    }
-  }
-}