Last active
May 31, 2016 19:47
-
-
Save fields/1af00ad7608246035e93e7813bd30571 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Even after terraform apply, terraform plan still sees policy changes: | |
| ~ aws_s3_bucket.bucketname | |
| policy: "{\"Statement\":[{\"Action\":\"s3:PutObject\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::xxxxx:root\"},\"Resource\":\"arn:aws:s3:::bucketname/*\",\"Sid\":\"\"}],\"Version\":\"2012-10-17\"}" => "{\"Statement\":[{\"Action\":\"s3:PutObject\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam:xxxx:root\"},\"Resource\":\"arn:aws:s3:::bucketname/*\"}],\"Version\":\"2012-10-17\"}" | |
| The policy file I’m specifying doesn’t have a SID, because a) I don’t want to hardcode that (and it should be optional), and b) it may be applied to multiple buckets. | |
| This is the policy file: | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Principal": { | |
| "AWS": "arn:aws:iam::xxxxx:root" | |
| }, | |
| "Action": "s3:PutObject", | |
| "Resource": "arn:aws:s3:::bucketname/*" | |
| } | |
| ] | |
| } | |
| Is there any way around this besides telling terraform to ignore policy changes? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment