Difference between revisions of "Template:Aws s3 bucket policy example"
Jump to navigation
Jump to search
(Created page with " resource "aws_s3_bucket" "example" { bucket = "my-tf-test-bucket" } resource "aws_s3_bucket_policy" "allow_access_from_another_account" { bucket = aws_s3_bucket.ex...") |
|||
| (2 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
| − | resource "aws_s3_bucket" "example" { | + | resource "[[aws_s3_bucket]]" "example" { |
bucket = "my-tf-test-bucket" | bucket = "my-tf-test-bucket" | ||
} | } | ||
| − | resource "aws_s3_bucket_policy" "allow_access_from_another_account" { | + | resource "[[aws_s3_bucket_policy]]" "allow_access_from_another_account" { |
bucket = aws_s3_bucket.example.id | bucket = aws_s3_bucket.example.id | ||
| − | policy = [[data.]]aws_iam_policy_document.allow_access_from_another_account.json | + | policy = [[data.]][[aws_iam_policy_document]].allow_access_from_another_account.json |
} | } | ||
| Line 17: | Line 17: | ||
actions = [ | actions = [ | ||
| − | "s3:GetObject", | + | "[[s3:GetObject]]", |
| − | "s3:ListBucket", | + | "[[s3:ListBucket]]", |
] | ] | ||
Latest revision as of 08:39, 8 June 2023
resource "aws_s3_bucket" "example" { bucket = "my-tf-test-bucket" } resource "aws_s3_bucket_policy" "allow_access_from_another_account" { bucket = aws_s3_bucket.example.id policy = data.aws_iam_policy_document.allow_access_from_another_account.json } data "aws_iam_policy_document" "allow_access_from_another_account" { statement { principals { type = "AWS" identifiers = ["123456789012"] } actions = [ "s3:GetObject", "s3:ListBucket", ] resources = [ aws_s3_bucket.example.arn, "${aws_s3_bucket.example.arn}/*", ] } }
Advertising:
