Create a user/kms key with access to a single s3 bucket folder
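
```hcl
module "example_bucket_example_folder_user" {
  source = "git::https://github.com/UKHomeOffice/acp-tf-s3-folder-user?ref=0.0.1"

  # Bucket the user is scoped to, taken from an existing bucket module
  bucket_arn  = module.example_bucket.s3_bucket_arn
  bucket_name = module.example_bucket.s3_bucket_id

  # Folder (key prefix) inside the bucket that the user may access
  bucket_path = "example/folder/"

  # Names for the IAM user and the KMS key alias to create
  iam_user  = "example-bucket-example-folder-user"
  kms_alias = "example-bucket-example-folder-kms"
}
```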

Name | Version |
---|---|
terraform | >= 1.0 |
aws | ~> 3.0 |

Name | Version |
---|---|
aws | 3.72.0 |

No modules.

Name | Type |
---|---|
aws_iam_policy.s3_folder_iam_policy | resource |
aws_iam_policy.s3_folder_kms_iam_policy | resource |
aws_iam_user.s3_bucket_iam_user | resource |
aws_iam_user_policy_attachment.attach_s3_bucket_kms_iam_policy | resource |
aws_iam_user_policy_attachment.attach_s3_folder_iam_policy | resource |
aws_kms_alias.s3_bucket_kms_alias | resource |
aws_kms_key.s3_bucket_kms_key | resource |
aws_caller_identity.current | data source |
aws_iam_policy_document.kms_key_policy_document | data source |
aws_iam_policy_document.s3_folder_kms_policy_document | data source |
aws_iam_policy_document.s3_folder_policy_document | data source |
aws_region.current | data source |

Name | Description | Type | Default | Required |
---|---|---|---|---|
bucket_arn | n/a | any | n/a | yes |
bucket_name | n/a | any | n/a | yes |
bucket_path | n/a | string | "" | no |
iam_user | n/a | any | n/a | yes |
kms_alias | n/a | any | n/a | yes |

No outputs.
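
How access is typically confined to one folder of a bucket, shown as an added example that is not the module's own source. The variable names mirror the module's inputs; the data source name `folder_scoped`, the statement IDs and the chosen actions are assumptions.

```hcl
# Added illustration, not taken from the module. The statements below are an
# assumed, typical shape for a folder-scoped S3 policy.
variable "bucket_arn" {
  type = string
}

variable "bucket_path" {
  type    = string
  default = "example/folder/"
}

data "aws_iam_policy_document" "folder_scoped" {
  # ListBucket is a bucket-level action, so it is granted on the bucket ARN
  # and narrowed to the folder with the s3:prefix condition key.
  statement {
    sid       = "ListFolderOnly"
    effect    = "Allow"
    actions   = ["s3:ListBucket"]
    resources = [var.bucket_arn]

    condition {
      test     = "StringLike"
      variable = "s3:prefix"
      values   = ["${var.bucket_path}*"]
    }
  }

  # Object-level actions are granted only on keys under the folder prefix.
  # In this sketch an empty bucket_path makes the pattern match every key.
  statement {
    sid       = "ReadWriteFolderObjects"
    effect    = "Allow"
    actions   = ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"]
    resources = ["${var.bucket_arn}/${var.bucket_path}*"]
  }
}

# Rendered JSON, useful for reviewing the effective scope before attaching it.
output "folder_scoped_policy_json" {
  value = data.aws_iam_policy_document.folder_scoped.json
}
```

Keep the trailing slash on `bucket_path`: with `example/folder` the pattern `example/folder*` would also match sibling prefixes such as `example/folder-other/`.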