Difference between revisions of "Terraform resources: aws s3 bucket policy"
Jump to navigation
Jump to search
| Line 14: | Line 14: | ||
} | } | ||
| − | + | ||
| − | data "aws_iam_policy_document" "allow_access_from_another_account" { | + | data "[[aws_iam_policy_document]]" "allow_access_from_another_account" { |
statement { | statement { | ||
principals { | principals { | ||
| Line 32: | Line 32: | ||
] | ] | ||
} | } | ||
| − | } | + | } |
| − | |||
== See also == | == See also == | ||
Revision as of 13:54, 2 March 2023
aws_s3_bucket_policy
Official example
resource "aws_s3_bucket" "example" {
bucket = "my-tf-test-bucket"
}
resource "aws_s3_bucket_policy" "allow_access_from_another_account" {
bucket = aws_s3_bucket.example.id
policy = data.aws_iam_policy_document.allow_access_from_another_account.json
}
data "aws_iam_policy_document" "allow_access_from_another_account" { statement { principals { type = "AWS" identifiers = ["123456789012"] }
actions = [
"s3:GetObject",
"s3:ListBucket",
]
resources = [
aws_s3_bucket.example.arn,
"${aws_s3_bucket.example.arn}/*",
]
}
}
See also
- Terraform S3 resources:
aws_s3_bucket, aws_s3_object, aws_s3_bucket_policy, aws_s3_bucket_acl, aws_s3_bucket_website_configuration, aws_s3_bucket cors_configuration, aws_s3_account_public_access_block, Terraform module: s3-bucket,aws_s3_bucket_versioning, aws_s3_bucket_server_side_encryption_configuration
Advertising:
