From f7e5c956611cab56032eedb434c6d46dab17eeaa Mon Sep 17 00:00:00 2001
From: kakakakakku <y.yoshida22@gmail.com>
Date: Sat, 19 Jul 2025 17:26:01 +0900
Subject: [PATCH 1/3] apigw-lambda-dynamodb-terraform: Update runtime to
 python3.13

---
 apigw-lambda-dynamodb-terraform/main.tf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/apigw-lambda-dynamodb-terraform/main.tf b/apigw-lambda-dynamodb-terraform/main.tf
index 00c777023..8cb726581 100644
--- a/apigw-lambda-dynamodb-terraform/main.tf
+++ b/apigw-lambda-dynamodb-terraform/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 4.0.0"
+      version = "~> 5.0"
     }
     random = {
       source  = "hashicorp/random"
@@ -85,7 +85,7 @@ resource "aws_lambda_function" "apigw_lambda_ddb" {
   s3_bucket = aws_s3_bucket.lambda_bucket.id
   s3_key    = aws_s3_object.this.key
 
-  runtime = "python3.8"
+  runtime = "python3.13"
   handler = "app.lambda_handler"
 
   source_code_hash = data.archive_file.lambda_zip.output_base64sha256
@@ -222,4 +222,4 @@ resource "aws_lambda_permission" "api_gw" {
   principal     = "apigateway.amazonaws.com"
 
   source_arn = "${aws_apigatewayv2_api.http_lambda.execution_arn}/*/*"
-}
\ No newline at end of file
+}

From 17536abd5fdd2df5a052fc53f3c058669110248a Mon Sep 17 00:00:00 2001
From: kakakakakku <y.yoshida22@gmail.com>
Date: Sat, 19 Jul 2025 17:30:36 +0900
Subject: [PATCH 2/3] apigw-lambda-dynamodb-terraform: Add .gitignore

---
 apigw-lambda-dynamodb-terraform/.gitignore | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 apigw-lambda-dynamodb-terraform/.gitignore

diff --git a/apigw-lambda-dynamodb-terraform/.gitignore b/apigw-lambda-dynamodb-terraform/.gitignore
new file mode 100644
index 000000000..e1c9d6254
--- /dev/null
+++ b/apigw-lambda-dynamodb-terraform/.gitignore
@@ -0,0 +1 @@
+src.zip

From 3437871c13d673de21b875d77f9db4181cad8e88 Mon Sep 17 00:00:00 2001
From: kakakakakku <y.yoshida22@gmail.com>
Date: Sat, 19 Jul 2025 17:37:07 +0900
Subject: [PATCH 3/3] apigw-lambda-dynamodb-terraform: Use
 aws_s3_bucket_public_access_block instead of aws_s3_bucket_acl

---
 apigw-lambda-dynamodb-terraform/main.tf | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/apigw-lambda-dynamodb-terraform/main.tf b/apigw-lambda-dynamodb-terraform/main.tf
index 8cb726581..78df88551 100644
--- a/apigw-lambda-dynamodb-terraform/main.tf
+++ b/apigw-lambda-dynamodb-terraform/main.tf
@@ -56,9 +56,13 @@ resource "aws_s3_bucket" "lambda_bucket" {
   force_destroy = true
 }
 
-resource "aws_s3_bucket_acl" "private_bucket" {
+resource "aws_s3_bucket_public_access_block" "private_bucket" {
   bucket = aws_s3_bucket.lambda_bucket.id
-  acl    = "private"
+
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
 }
 
 data "archive_file" "lambda_zip" {