Simplifies member inputs and eliminates depends_on

CHANGELOG.md

@@ -6,7 +6,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/) and this p
 
 ### 1.0.0
 
-**Released**: 2022.05.13
+**Released**: 2022.05.20
 
 **Commit Delta**: [Change from 0.0.1 release](https://github.com/plus3it/terraform-aws-tardigrade-macie-member/compare/0.0.1...1.0.0)
 

modules/member/README.md

@@ -25,14 +25,13 @@ You can find example implementations of this module in the tests folder (create_
 
 | Name | Type |
 |------|------|
-| [aws_caller_identity.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_member"></a> [member](#input\_member) | Macie member | <pre>object({<br>    email                                 = string      # (Required) Email address for member account.<br>    invitation_message                    = string      # (Optional) A custom message to include in the invitation. Amazon Macie adds this message to the standard content that it sends for an invitation.<br>    invitation_disable_email_notification = bool        # (Optional) Specifies whether to send an email notification to the root user of each account that the invitation will be sent to. This notification is in addition to an alert that the root user receives in AWS Personal Health Dashboard. To send an email notification to the root user of each account, set this value to true.<br>    tags                                  = map(string) # (Optional) A map of key-value pairs that specifies the tags to associate with the account in Amazon Macie.<br>  })</pre> | n/a | yes |
 | <a name="input_finding_publishing_frequency"></a> [finding\_publishing\_frequency](#input\_finding\_publishing\_frequency) | (Optional) Specifies how often to publish updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events). Valid values are FIFTEEN\_MINUTES, ONE\_HOUR or SIX\_HOURS. | `string` | `"SIX_HOURS"` | no |
-| <a name="input_member"></a> [member](#input\_member) | Macie member | <pre>object({<br>    email                                 = string      # (Required) Email address for member account.<br>    status                                = string      # (Optional) Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to ENABLED. Valid values are ENABLED or PAUSED.<br>    invite                                = string      # ((Optional) Boolean whether to invite the account to GuardDuty as a member. Defaults to false.<br>    invitation_message                    = string      # (Optional) A custom message to include in the invitation. Amazon Macie adds this message to the standard content that it sends for an invitation.<br>    invitation_disable_email_notification = bool        # (Optional) Specifies whether to send an email notification to the root user of each account that the invitation will be sent to. This notification is in addition to an alert that the root user receives in AWS Personal Health Dashboard. To send an email notification to the root user of each account, set this value to true.<br>    tags                                  = map(string) # (Optional) A map of key-value pairs that specifies the tags to associate with the account in Amazon Macie.<br>  })</pre> | `null` | no |
 | <a name="input_status"></a> [status](#input\_status) | (Optional) Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to ENABLED. Valid values are ENABLED or PAUSED. | `string` | `"ENABLED"` | no |
 
 ## Outputs

modules/member/main.tf

@@ -15,19 +15,16 @@ resource "aws_macie2_account" "this" {
 resource "aws_macie2_member" "this" {
   provider = aws.administrator
 
-  account_id                            = data.aws_caller_identity.this.account_id
+  account_id                            = aws_macie2_account.this.id
   email                                 = var.member.email
-  status                                = var.member.status
   invite                                = true
   invitation_message                    = var.member.invitation_message
   invitation_disable_email_notification = var.member.invitation_disable_email_notification
+  status                                = var.status
   tags                                  = var.member.tags
-  depends_on                            = [aws_macie2_account.this]
 }
 
 # Create macie invite accepter in the member account
 resource "aws_macie2_invitation_accepter" "this" {
   administrator_account_id = aws_macie2_member.this.administrator_account_id
 }
-
-data "aws_caller_identity" "this" {}

modules/member/variables.tf

@@ -22,11 +22,8 @@ variable "member" {
   description = "Macie member"
   type = object({
     email                                 = string      # (Required) Email address for member account.
-    status                                = string      # (Optional) Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to ENABLED. Valid values are ENABLED or PAUSED.
-    invite                                = string      # ((Optional) Boolean whether to invite the account to GuardDuty as a member. Defaults to false.
     invitation_message                    = string      # (Optional) A custom message to include in the invitation. Amazon Macie adds this message to the standard content that it sends for an invitation.
     invitation_disable_email_notification = bool        # (Optional) Specifies whether to send an email notification to the root user of each account that the invitation will be sent to. This notification is in addition to an alert that the root user receives in AWS Personal Health Dashboard. To send an email notification to the root user of each account, set this value to true.
     tags                                  = map(string) # (Optional) A map of key-value pairs that specifies the tags to associate with the account in Amazon Macie.
   })
-  default = null
 }

tests/create_macie_member/main.tf

@@ -36,8 +36,6 @@ module "macie_member" {
 
   member = {
     email                                 = var.member_email
-    invite                                = true
-    status                                = "ENABLED"
     invitation_message                    = "You are invited to join Macie"
     invitation_disable_email_notification = true
     tags                                  = null