bucket_access_roles_arn_list as list
mslipets committed Mar 11, 2020
1 parent 23d0355 commit 5804132
Showing 1 changed file with 17 additions and 4 deletions.
21 changes: 17 additions & 4 deletions main.tf
Expand Up @@ -114,7 +114,7 @@ resource "aws_s3_bucket" "default" {
data "aws_iam_policy_document" "s3_bucket_policy" {
statement {
actions = [
"s3:GetObject",
"s3:GetObject"
]

resources = [
Expand Down Expand Up @@ -149,9 +149,7 @@ data "aws_iam_policy_document" "s3_bucket_policy" {
statement {
actions = [
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:GetObject",
"s3:PutObject"
"s3:ListBucket"
]

resources = [
Expand All @@ -164,6 +162,21 @@ data "aws_iam_policy_document" "s3_bucket_policy" {
}
}

statement {
actions = [
"s3:GetObject",
"s3:PutObject"
]

resources = [
"${aws_s3_bucket.default.arn}/*",
]

principals {
type = "Service"
identifiers = var.bucket_access_roles_arn_list
}
}
}

resource "aws_s3_bucket_policy" "bucket_policy" {
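Review bot: The added statement's `principals` block pairs `type = "Service"` with `identifiers = var.bucket_access_roles_arn_list`, which looks mismatched. The variable's declaration is not visible here, but its name and the commit title suggest it holds IAM role ARNs. Role ARNs belong under principal type `AWS`, while `Service` is for service principals such as `cloudtrail.amazonaws.com`, so as written the policy is likely to be rejected or to grant nothing to the intended roles; the line should read `type = "AWS"`. If the list can be empty, the statement would render without a usable principal, so consider emitting it through a `dynamic "statement"` block guarded by `length(var.bucket_access_roles_arn_list) > 0`. The grant also pairs `s3:PutObject` with `"${aws_s3_bucket.default.arn}/*"`, so every listed role can overwrite any key in the bucket; a narrower key prefix would follow least privilege if the roles only need part of it.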
