in policies - reference s3 buckets from the defined modules instead of hardcoding bucket names

infrastructure/terraform/lambda/engine/main.tf

@@ -67,8 +67,14 @@ module "lambda" {
   )
 }
 
-# Policies and IAM
+### Policies and IAM
+# S3
 resource "aws_iam-role_policy_attachment" "engine_s3_read_and_write" {
   role = module.lambda.role_name
   policy_arn = data.terraform_remote_state.shared.outputs.engine_s3_read_and_write_arn
-}
+}
+
+# Logs
+
+
+# SQS

infrastructure/terraform/shared/main.tf

@@ -473,15 +473,14 @@ module "engine_s3_read_and_write" {
   policy_name        = "EngineReadandWriteS3"
   policy_description = "Allow Engine Lambda to read from and write to various S3 buckets"
   bucket_arns        = [
-    "arn:aws:s3:::retrofit-plan-inputs-${var.stage}",
-    "arn:aws:s3:::retrofit-data-${var.stage}",
-    "arn:aws:s3:::retrofit-sap-predictions-${var.stage}",
-    "arn:aws:s3:::retrofit-carbon-predictions-${var.stage}",
-    "arn:aws:s3:::retrofit-heat-predictions-${var.stage}",
-    "arn:aws:s3:::retrofit-carbon-predictions-${var.stage}",
-    "arn:aws:s3:::retrofit-heating-kwh-predictions-${var.stage}",
-    "arn:aws:s3:::retrofit-hotwater-kwh-predictions-${var.stage}",
-    "arn:aws:s3:::retrofit-energy-assessments-${var.stage}"
+    "arn:aws:s3:::${module.s3_presignable_bucket.bucket_name}",
+    "arn:aws:s3:::${module.retrofit_sap_data.bucket_name}",
+    "arn:aws:s3:::${module.retrofit_sap_predictions.bucket_name}",
+    "arn:aws:s3:::${module.retrofit_carbon_predictions.bucket_name}",
+    "arn:aws:s3:::${module.retrofit_heat_predictions.bucket_name}",
+    "arn:aws:s3:::${module.retrofit_heating_kwh_predictions.bucket_name}",
+    "arn:aws:s3:::${module.retrofit_hotwater_kwh_predictions.bucket_name}",
+    "arn:aws:s3:::${module.retrofit_energy_assessments.bucket_name}"
   ]
   actions            = ["s3:*"]
   resource_paths     = ["/*"]