Difference between revisions of "Terraform resources: aws s3 bucket policy"
Jump to navigation
Jump to search
| Line 13: | Line 13: | ||
policy = [[data.]]aws_iam_policy_document.allow_access_from_another_account.json | policy = [[data.]]aws_iam_policy_document.allow_access_from_another_account.json | ||
} | } | ||
| − | + | ||
data "[[aws_iam_policy_document]]" "allow_access_from_another_account" { | data "[[aws_iam_policy_document]]" "allow_access_from_another_account" { | ||
statement { | statement { | ||
Revision as of 13:54, 2 March 2023
aws_s3_bucket_policy
Official example
resource "aws_s3_bucket" "example" {
bucket = "my-tf-test-bucket"
}
resource "aws_s3_bucket_policy" "allow_access_from_another_account" {
bucket = aws_s3_bucket.example.id
policy = data.aws_iam_policy_document.allow_access_from_another_account.json
}
data "aws_iam_policy_document" "allow_access_from_another_account" {
statement {
principals {
type = "AWS"
identifiers = ["123456789012"]
}
actions = [
"s3:GetObject",
"s3:ListBucket",
]
resources = [
aws_s3_bucket.example.arn,
"${aws_s3_bucket.example.arn}/*",
]
}
}
See also
- Terraform S3 resources:
aws_s3_bucket, aws_s3_object, aws_s3_bucket_policy, aws_s3_bucket_acl, aws_s3_bucket_website_configuration, aws_s3_bucket cors_configuration, aws_s3_account_public_access_block, Terraform module: s3-bucket,aws_s3_bucket_versioning, aws_s3_bucket_server_side_encryption_configuration, aws_s3_bucket_logging
Advertising:
