» Resource: aws_s3_bucket_policy
Attaches a policy to an S3 bucket resource.
» Example Usage
» Basic Usage
resource "aws_s3_bucket" "b" {
  bucket = "my_tf_test_bucket"
}

resource "aws_s3_bucket_policy" "b" {
  bucket = "${aws_s3_bucket.b.id}"
  policy = <<POLICY
{
  "Version": "2012-10-17",
  "Id": "MYBUCKETPOLICY",
  "Statement": [
    {
      "Sid": "IPAllow",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": "arn:aws:s3:::my_tf_test_bucket/*",
      "Condition": {
        "IpAddress": {"aws:SourceIp": "8.8.8.8/32"}
      }
    }
  ]
}
POLICY
}
» Argument Reference
The following arguments are supported:
- bucket - (Required) The name of the bucket to which to apply the policy.
- policy - (Required) The text of the policy. For more information about building AWS IAM policy documents with Terraform, see the AWS IAM Policy Document Guide.
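The policy argument only needs a JSON string, so the document can also be generated with the aws_iam_policy_document data source instead of a heredoc. The following is an added example, not part of the original documentation: it renders the same statement as the Basic Usage policy and takes the object ARN from aws_s3_bucket.b, so the Resource cannot drift from the bucket name. The data source name "b" is an assumption.

```hcl
# Added example: replaces the heredoc form of aws_s3_bucket_policy.b shown
# under Basic Usage. Assumes the aws_s3_bucket.b resource from that example.
data "aws_iam_policy_document" "b" {
  policy_id = "MYBUCKETPOLICY"

  statement {
    sid    = "IPAllow"
    effect = "Deny"

    # type "*" with identifiers ["*"] renders as "Principal": "*"
    principals {
      type        = "*"
      identifiers = ["*"]
    }

    actions = ["s3:*"]

    # Built from the bucket's own ARN instead of a hard-coded string.
    # "/*" matches objects only; the bucket ARN itself is not covered,
    # exactly as in the Basic Usage policy.
    resources = ["${aws_s3_bucket.b.arn}/*"]

    condition {
      test     = "IpAddress"
      variable = "aws:SourceIp"
      values   = ["8.8.8.8/32"]
    }
  }
}

resource "aws_s3_bucket_policy" "b" {
  bucket = "${aws_s3_bucket.b.id}"
  policy = "${data.aws_iam_policy_document.b.json}"
}
```

Because the Resource ends in "/*", the Deny applies to object-level requests; bucket-level actions such as listing are matched only if the bucket ARN is listed as a resource too.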
» Import
S3 bucket policies can be imported using the bucket name, e.g.
$ terraform import aws_s3_bucket_policy.example my-bucket-name