# S3 bucket named by var.bucket, with object versioning turned on.
#
# NOTE(review): force_destroy lets `terraform destroy` delete the bucket even
# when it still holds objects. Every object is removed and cannot be recovered;
# with versioning enabled this presumably includes every stored version.
# Confirm this is intended outside of throwaway environments.
# NOTE(review): no server-side encryption or public-access-block settings are
# declared in this file; verify they are enforced elsewhere.
resource "aws_s3_bucket" "bucket" {
  bucket        = "${var.bucket}"
  tags          = "${var.tags}"
  force_destroy = "true"

  versioning {
    enabled = "true"
  }
}
# Bucket policy that allows the principal in var.user_arn to act on the bucket
# itself and on every object inside it.
#
# NOTE(review): "s3:*" grants every S3 action on both ARNs, not only object
# reads and writes. That includes administrative actions such as
# s3:PutBucketPolicy and s3:DeleteBucket, so the principal can rewrite this
# policy or remove the bucket. If the user only needs to work with objects,
# list the required actions explicitly (for example s3:ListBucket on the
# bucket ARN and s3:GetObject / s3:PutObject on the object ARN).
# NOTE(review): the statement has no Condition block, so nothing here requires
# TLS (aws:SecureTransport) or restricts where requests come from.
resource "aws_s3_bucket_policy" "bucket_policy" {
  bucket = "${aws_s3_bucket.bucket.id}"

  policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "${var.user_arn}"
      },
      "Action": [ "s3:*" ],
      "Resource": [
        "${aws_s3_bucket.bucket.arn}",
        "${aws_s3_bucket.bucket.arn}/*"
      ]
    }
  ]
}
EOF
}
# Exports the bucket's name (the `bucket` attribute of the resource above).
output "bucket" {
  value = "${aws_s3_bucket.bucket.bucket}"
}