Fixed comment

modules/aws/volume-access/main.tf

@@ -2,13 +2,9 @@ data "aws_caller_identity" "current" {}
 locals {
   account_id                = data.aws_caller_identity.current.account_id
   external_id               = (var.external_id != "" ? [{ test : "StringEquals", variable : "sts:ExternalId", values : [var.external_id] }] : [])
-  assume_conditions         = concat(local.external_id, local.source_identity, local.principal_check, local.vendor_federation)
-  support_assume_conditions = concat(local.external_id, local.source_identity)
-  source_identity           = (length(var.source_identities) > 0 ? [{ test : var.source_identity_test, variable : "sts:SourceIdentity", values : var.source_identities }] : [])
+  assume_conditions         = local.external_id
   oidc_providers            = distinct(concat(var.oidc_providers, local.default_oidc_providers))
-  principal_check           = (length(var.streamnative_principal_ids) > 0 ? [{ test : "StringLike", variable : "aws:PrincipalArn", values : var.streamnative_principal_ids }] : [])
   tag_set                   = merge({ Vendor = "StreamNative", Module = "StreamNative Volume", SNVersion = var.sn_policy_version }, var.tags)
-  vendor_federation         = (var.enforce_vendor_federation ? [{ test : "StringLike", variable : "aws:FederatedProvider", values : ["accounts.google.com"] }] : [])
   # Add streamnative default eks oidc provider
   default_oidc_providers = compact([
 
@@ -89,7 +85,7 @@ resource "aws_iam_policy" "access_bucket_role" {
   name        = "sn-${var.external_id}-${var.bucket}-${var.path}"
   description = "This policy sets the limits for the access s3 bucket for StreamNative's vendor access."
   path        = "/StreamNative/"
-  policy = templatefile("${path.module}/files/sn_volume_s3_bucket.json.tpl",
+  policy = templatefile("${path.module}/files/volume_s3_bucket.json.tpl",
     {
       bucket = var.bucket
       path   = var.path

modules/aws/volume-access/variables.tf

@@ -4,42 +4,12 @@ variable "sn_policy_version" {
   type        = string
 }
 
-variable "region" {
-  default     = "*"
-  description = "The AWS region where your instance of StreamNative Cloud is deployed. Defaults to all regions \"*\""
-  type        = string
-}
-
 variable "streamnative_vendor_access_role_arns" {
   default     = ["arn:aws:iam::311022431024:role/cloud-manager"]
   description = "This role for access customer s3 bucket on control plane."
   type        = list(string)
 }
 
-variable "additional_federated_identifiers" {
-  default     = []
-  description = "This federated identified list for access customer s3 bucket on data plane."
-  type        = list(string)
-}
-
-variable "streamnative_principal_ids" {
-  default     = []
-  description = "When set, this applies an additional check for certain StreamNative principals to futher restrict access to which services / users can access an account."
-  type        = list(string)
-}
-
-variable "source_identities" {
-  default     = []
-  description = "Place an additional constraint on source identity, disabled by default and only to be used if specified by StreamNative"
-  type        = list(any)
-}
-
-variable "source_identity_test" {
-  default     = "ForAnyValue:StringLike"
-  description = "The test to use for source identity"
-  type        = string
-}
-
 variable "external_id" {
   default     = ""
   description = "A external ID that correspond to your Organization within StreamNative Cloud, used for all STS assume role calls to the IAM roles created by the module. This will be the organization ID in the StreamNative console, e.g. \"o-xhopj\"."
@@ -52,12 +22,6 @@ variable "tags" {
   type        = map(string)
 }
 
-variable "enforce_vendor_federation" {
-  default     = false
-  description = "Do not enable this unless explicitly told to do so by StreamNative. Restrict access for the streamnative_vendor_access_role_arns to only federated Google accounts. Intended to be true by default in the future."
-  type        = bool
-}
-
 variable "bucket" {
   description = "User bucket name"
   type        = string