Difference between revisions of "Terraform data source: aws iam policy document"
Line 5: | Line 5: | ||
== Related == | == Related == | ||
− | * <code>[[aws_iam_policy]]</code> | + | * Terraform resource: <code>[[aws_iam_policy]]</code> |
* <code>[[aws_iam_role]]</code> | * <code>[[aws_iam_role]]</code> | ||
* <code>[[aws_iam_role_policy_attachment]]</code> | * <code>[[aws_iam_role_policy_attachment]]</code> |
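Review bot: the new "Terraform resource:" label in the Related list is attached only to the aws_iam_policy bullet, while the aws_iam_role and aws_iam_role_policy_attachment bullets that follow stay unlabelled, so the list reads as if only the first item is a resource. Either prefix all three bullets the same way or put the label on its own line with the three links nested beneath it. Since this page documents a data source, the resource/data source distinction is worth keeping consistent across the list.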
Revision as of 09:28, 12 June 2024
Examples
resource "aws_s3_bucket" "example" {
  bucket = "my-tf-test-bucket"
}

resource "aws_s3_bucket_policy" "allow_access_from_another_account" {
  bucket = aws_s3_bucket.example.id
  policy = data.aws_iam_policy_document.allow_access_from_another_account.json
}

data "aws_iam_policy_document" "allow_access_from_another_account" {
  statement {
    principals {
      type        = "AWS"
      identifiers = ["123456789012"]
    }

    actions = [
      "s3:GetObject",
      "s3:ListBucket",
    ]

    resources = [
      aws_s3_bucket.example.arn,
      "${aws_s3_bucket.example.arn}/*",
    ]
  }
}
Related
- Terraform resource: aws_iam_policy
- aws_iam_role
- aws_iam_role_policy_attachment
- PublicReadGetObject
See also
- AWS Data sources: aws_region, aws_vpc, aws_caller_identity, aws_availability_zones, aws_eip, aws_flow_log, template_file, aws_ami
- Terraform S3 resources: aws_s3_bucket, aws_s3_object, aws_s3_bucket_policy, aws_s3_bucket_acl, aws_s3_bucket_website_configuration, aws_s3_bucket_cors_configuration, aws_s3_account_public_access_block, Terraform module: s3-bucket, aws_s3_bucket_versioning, aws_s3_bucket_server_side_encryption_configuration, aws_s3_bucket_logging