Difference between revisions of "Terraform resources: aws s3 bucket policy"

 
(10 intermediate revisions by 2 users not shown)
Line 1: Line 1:
* https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy
+
<code>aws_s3_bucket_policy</code> resource <ref> https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy</ref>
 
 
aws_s3_bucket_policy
 
  
 
== Official example ==
 
== Official example ==
  
  resource "aws_s3_bucket" "example" {
+
  {{aws_s3_bucket_policy example}}
  bucket = "my-tf-test-bucket"
 
}
 
 
resource "aws_s3_bucket_policy" "allow_access_from_another_account" {
 
  bucket = aws_s3_bucket.example.id
 
  policy = [[data.]]aws_iam_policy_document.allow_access_from_another_account.json
 
}
 
 
 
 
 
data "[[aws_iam_policy_document]]" "allow_access_from_another_account" {
 
  statement {
 
    principals {
 
      type        = "AWS"
 
      identifiers = ["123456789012"]
 
    }
 
  
    actions = [
+
== Errors ==
      "s3:GetObject",
+
* <code>[[Error: Error putting S3 policy: AccessDenied: Access Denied]]</code>
      "s3:ListBucket",
 
    ]
 
  
    resources = [
+
== Related ==
      aws_s3_bucket.example.arn,
+
* <code>[[count.index]]</code>
      "${aws_s3_bucket.example.arn}/*",
 
    ]
 
  }
 
}
 
  
 
== See also ==
 
== See also ==
 +
* {{aws_s3_bucket_policy}}
 
* {{tf s3}}
 
* {{tf s3}}
  
 
[[Category:AWS]]
 
[[Category:AWS]]

Latest revision as of 14:40, 25 January 2024

aws_s3_bucket_policy resource [1]

Official example[edit]

# Bucket that the bucket policy in this listing is attached to.
# "my-tf-test-bucket" is a sample name; S3 bucket names are globally unique,
# so a real configuration needs its own.
resource "aws_s3_bucket" "example" {
  bucket = "my-tf-test-bucket"
}

# Attaches the rendered policy document to the example bucket as its bucket policy.
# A bucket carries a single policy document, so applying this resource sets the
# whole policy; when auditing access, review the full rendered JSON rather than
# one statement in isolation.
resource "aws_s3_bucket_policy" "allow_access_from_another_account" {
  # Target bucket, referenced by the id of the aws_s3_bucket resource.
  bucket = aws_s3_bucket.example.id
  # JSON rendered by the aws_iam_policy_document data source of the same name.
  policy = data.aws_iam_policy_document.allow_access_from_another_account.json
}

# Builds the bucket policy JSON: a single statement granting read access to
# another AWS account. No effect is set, so the statement takes the data
# source's default effect, "Allow".
data "aws_iam_policy_document" "allow_access_from_another_account" {
 statement {
   principals {
     type        = "AWS"
     # A bare account ID designates the whole account, not one user or role.
     # Which identities in that account can use the grant is then decided by
     # that account's own IAM policies. Prefer a specific role ARN when only one
     # workload needs access. 123456789012 is a sample account ID.
     identifiers = ["123456789012"]
   }

   # Read-only grant: fetch objects and list the bucket's keys; no write,
   # delete or policy-management actions are included.
   actions = [
     "s3:GetObject",
     "s3:ListBucket",
   ]

   # Both ARNs are required: s3:ListBucket is evaluated against the bucket ARN,
   # s3:GetObject against the object ARNs (the "/*" form).
   resources = [
     aws_s3_bucket.example.arn,
     "${aws_s3_bucket.example.arn}/*",
   ]
   # NOTE(review): the statement has no condition block, so the grant is not
   # narrowed by keys such as aws:SecureTransport or aws:PrincipalOrgID.
   # Confirm that is intended before reusing this example.
 }
}

Errors[edit]

Related[edit]

See also[edit]

  • https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy