
Combines the S3 Bucket for portal-shared-artifacts with the codebuild project

Solves an encryption key issue.

To be tagged v5.1.0
Fred Damstra [afs macbook] 3 年之前
父节点
当前提交
56aad1d5b3

+ 0 - 0
base/codebuild_splunk_docs/kms.tf → base/codebuild_splunk_docs/kms.tf.skipped


+ 1 - 1
base/codebuild_splunk_docs/main.tf

@@ -6,7 +6,7 @@ resource "aws_codebuild_project" "this" {
   name                   = "splunk_docs_${var.repository}"
   description            = "Splunk Documentation build from ${var.repository} repository"
   service_role           = aws_iam_role.codebuild_splunk_docs_role.arn
-  encryption_key         = aws_kms_key.s3_codebuild_splunk_docs_artifacts.arn
+  encryption_key         = module.artifacts_bucket.keyarn
   badge_enabled          = var.badge_enabled
   concurrent_build_limit = 1
   build_timeout          = 60
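Review bot: The new `encryption_key` on this line points at a key owned by `module.artifacts_bucket`, and nothing visible here shows that `aws_iam_role.codebuild_splunk_docs_role` is permitted to use it. The module call in s3.tf passes that role in `extra_principals`, which presumably feeds the key policy, but the module body is not on this page. Confirm that the key policy grants the role `kms:Decrypt` and `kms:GenerateDataKey`, and that the role's own IAM policy no longer references the old key ARN. Because kms.tf is renamed to kms.tf.skipped, Terraform stops loading `aws_kms_key.s3_codebuild_splunk_docs_artifacts` and will likely schedule it for deletion on the next apply, so check beforehand that no retained artifact still depends on it. I would add `# Key is owned by module.artifacts_bucket; the CodeBuild role gets access through extra_principals` above the attribute; the resource block starts before and continues past this hunk.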

+ 8 - 0
base/codebuild_splunk_docs/outputs.tf

@@ -0,0 +1,8 @@
+output "role_arn" {
+  # The role to assume into
+  value = module.artifacts_bucket.role_arn
+}
+
+output "BucketName" {
+  value = module.artifacts_bucket.BucketName
+}
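Review bot: Neither output here has a `description`, and the only comment, `# The role to assume into`, does not say who is expected to assume the role or what it grants. Since these values are what downstream stacks use to reach a shared, KMS-encrypted bucket, I would add `description = "ARN of the role that portal instances assume to access the shared artifacts bucket"` on `role_arn` and `description = "Name of the portal-shared-artifacts bucket"` on `BucketName`. The wording assumes the module behaves as its name suggests. The same gap applies to the new `keyarn` output in base/generic_s3_bucket_with_role/outputs.tf.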

+ 32 - 0
base/codebuild_splunk_docs/s3.tf

@@ -0,0 +1,32 @@
+module "artifacts_bucket" {
+  source = "../generic_s3_bucket_with_role"
+
+  # Module specific variables
+  name = "portal-shared-artifacts"
+  role_assumers = [
+    "arn:${var.aws_partition}:iam::${var.aws_account_id}:role/portal-instance-role",
+  ]
+  extra_principals = [
+    aws_iam_role.codebuild_splunk_docs_role.arn
+  ]
+  tags = var.tags
+
+  # Pass through all variables required by constants.tf
+  binaries_bucket                 = var.binaries_bucket
+  environment                     = var.environment
+  transit_gateway_account_name    = var.transit_gateway_account_name
+  dns_info                        = var.dns_info
+  c2_accounts                     = var.c2_accounts
+  aws_partition                   = var.aws_partition
+  aws_partition_alias             = var.aws_partition_alias
+  common_services_account         = var.common_services_account
+  common_profile                  = var.common_profile
+  tfstate_region                  = var.tfstate_region
+  aws_region                      = var.aws_region
+  ses_region                      = var.ses_region
+  account_name                    = var.account_name
+  account_alias                   = var.account_alias
+  aws_account_id                  = var.aws_account_id
+  instance_termination_protection = var.instance_termination_protection
+  splunk_prefix                   = var.splunk_prefix
+}
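Review bot: `role_assumers` and `extra_principals` put the portal instance role and the CodeBuild role on the same bucket and the same KMS key, and this call does not show that they get different levels of access. If the module grants every principal the same read/write and key permissions, the consumer side (portal instances) could overwrite or delete the build artifacts it is only meant to fetch. Check that the module gives write access to the CodeBuild role only, or add a way to scope each list. The assumer ARN is also built from the literal name `portal-instance-role`; IAM rejects trust and key policies that name a principal which does not exist, so this module will fail to apply in any account without that role. A short comment such as `# portal instances assume the bucket role to read artifacts; CodeBuild writes directly as an extra principal` would record the intent.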

+ 4 - 0
base/generic_s3_bucket_with_role/outputs.tf

@@ -6,3 +6,7 @@ output "role_arn" {
 output "BucketName" {
   value = aws_s3_bucket.bucket.id
 }
+
+output "keyarn" {
+  value = aws_kms_key.bucketkey.arn
+}
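Review bot: The new output is named `keyarn`, while the sibling output in the same file is `role_arn`, so the module now exposes two ARN outputs with two naming styles. I would name it `key_arn` and update the reference in base/codebuild_splunk_docs/main.tf to `module.artifacts_bucket.key_arn` in the same commit, before other callers start depending on the current spelling. The file's earlier lines are outside this hunk, so other outputs may follow either convention.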