如何在 terraform 的 AWS S3 存储桶策略中获取 sid
[英]how to get sid in AWS S3 bucket policy in terraform
问题描述
我想将策略附加到 S3 存储桶资源。
我的 terraform 基础设施,
resource "aws_s3_bucket" "storage" {
bucket = "${var.service}-${local.stage}-storage"
acl = "public-read"
tags = {
Service = var.service
Stage = local.stage
}
cors_rule {
allowed_headers = [
"*"
]
allowed_methods = [
"GET",
"HEAD"
]
allowed_origins = [
"*"
]
max_age_seconds = 3000
}
}
此存储桶用于 web static 文件托管。我需要公开存储桶策略。
我在 terraform 中的保单,
resource "aws_s3_bucket_policy" "storage-policy" {
bucket = aws_s3_bucket.storage.id
policy = <<POLICY
{
"Version": "2012-10-17",
"Id": "????????",
"Statement": [
{
"Sid": "????????",
"Effect": "Allow",
"Principal": "*",
"Action": "*",
"Resource": "arn:aws:s3:::BUCKET-NAME/*"
}
]
}
POLICY
}
在这段代码中,我需要获取 Id、Sid 字段值。 我怎么能得到这个? 谢谢。
1 个解决方案
解决方案1
0 已采纳 2020-07-31 00:30:16
Id和Sid是你想要的任何东西。 例如:
resource "aws_s3_bucket_policy" "storage-policy" {
bucket = aws_s3_bucket.storage.id
policy = <<POLICY
{
"Version": "2012-10-17",
"Id": "my-bucket-polict",
"Statement": [
{
"Sid": "allow-all-access",
"Effect": "Allow",
"Principal": "*",
"Action": "*",
"Resource": "arn:aws:s3:::BUCKET-NAME/*"
}
]
}
POLICY
}
terraform cloudfront 分发源 - 如何更新 s3 存储桶策略
[英]terraform cloudfront distribution origin - how to update s3 bucket policy
如何使用对流层将 OriginAccessIdentity 添加到 AWS S3 存储桶策略
[英]How to add OriginAccessIdentity to AWS S3 Bucket Policy using troposphere
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.