By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Using terraform to create bucket - error

0

When I run the terraform script below, the following error is throw during apply:

Enter image description here

The bucket does get created but no policy is added (I have not included the actual bucket name which obviously is in the script).

Any ideas?

provider "aws" {
  region = "eu-west-1"
}

resource "aws_s3_bucket" "bucket" {
  bucket = "MYBUCKET"
}

resource "aws_s3_bucket_public_access_block" "public_access_block" {
  bucket = aws_s3_bucket.bucket.id

  block_public_acls       = false
  block_public_policy     = false
  ignore_public_acls      = false
  restrict_public_buckets = false
}


resource "aws_s3_bucket_website_configuration" "website" {
  bucket = aws_s3_bucket.bucket.bucket

  index_document {
    suffix = "index.html"
  }

  error_document {
    key = "error.html"
  }
}

resource "aws_s3_bucket_policy" "bucket_policy" {
  bucket = aws_s3_bucket.bucket.id

  policy = <<POLICY
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::MYBUCKET/*"
    }
  ]
}
POLICY
}
Topics
StorageSecurity, Identity, & Compliance
Tags
Amazon Simple Storage ServiceIAM PoliciesTerraform
Language
English
CD
asked 3 months ago431 views
1 Answer
0

Look in Cloudtrail to see if there is anything to show what permission was denied when trying to create the bucket policy.

profile picture
EXPERT
Steve_M
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content