Difference between revisions of "Terraform data source: aws iam policy document"

From wikieduonline
Jump to navigation Jump to search
 
(2 intermediate revisions by the same user not shown)
Line 5: Line 5:
  
 
== Related ==
 
== Related ==
* <code>[[aws_iam_policy]]</code>
+
* Terraform resource: <code>[[aws_iam_policy]]</code>
 
* <code>[[aws_iam_role]]</code>
 
* <code>[[aws_iam_role]]</code>
 
* <code>[[aws_iam_role_policy_attachment]]</code>
 
* <code>[[aws_iam_role_policy_attachment]]</code>
 
* <code>[[PublicReadGetObject]]</code>
 
* <code>[[PublicReadGetObject]]</code>
 +
* [[aws_lambda_function]]
  
 
== See also ==
 
== See also ==
 
* {{terraform aws data sources}}
 
* {{terraform aws data sources}}
* {{terraform aws resources}}
+
* {{tf s3}}
 
 
  
 
[[Category:Terraform]]
 
[[Category:Terraform]]

Latest revision as of 15:02, 23 July 2024

Examples[edit]

resource "aws_s3_bucket" "example" {
  bucket = "my-tf-test-bucket"
}

resource "aws_s3_bucket_policy" "allow_access_from_another_account" {
  bucket = aws_s3_bucket.example.id
  policy = data.aws_iam_policy_document.allow_access_from_another_account.json
}

data "aws_iam_policy_document" "allow_access_from_another_account" {
 statement {
   principals {
     type        = "AWS"
     identifiers = ["123456789012"]
   }

   actions = [
     "s3:GetObject",
     "s3:ListBucket",
   ]

   resources = [
     aws_s3_bucket.example.arn,
     "${aws_s3_bucket.example.arn}/*",
   ]
 }
}

Related[edit]

See also[edit]

Advertising: