My Saved Presets
You must be logged in to view saved presets

Loading Library ...

S3 Bucket with Custom Grants

Creates an S3 bucket with custom grants, specifying access permissions for different users and groups.

example

aws_s3_bucket


grant

permissions


cors_rule

allowed_headers

allowed_methods

allowed_origins

expose_headers

lifecycle_rule


expiration

transition


noncurrent_version_expiration
noncurrent_version_transition

logging


object_lock_configuration

rule
apply_server_side_encryption_by_default


replication_configuration

rules
destination



access_control_translation


replication_time
metrics
filter



source_selection_criteria
sse_kms_encrypted_objects
server_side_encryption_configuration
rule
apply_server_side_encryption_by_default

versioning
website



routing_rules

depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_s3_bucket_acl


access_control_policy
grant
grantee




grantee




owner





depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_s3_bucket_ownership_controls


rule

depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



current

aws_canonical_user_id

depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



Terraform Template

data "aws_canonical_user_id" "current" {
}

resource "aws_s3_bucket" "example" {
  bucket = "my-tf-example-bucket"
}

resource "aws_s3_bucket_acl" "example" {

  access_control_policy {

    grant {

      grantee {
        id = data.aws_canonical_user_id.current.id
        type = "CanonicalUser"
      }
      permission = "READ"
    }

    grant {

      grantee {
        type = "Group"
        uri = "http://acs.amazonaws.com/groups/s3/LogDelivery"
      }
      permission = "READ_ACP"
    }

    owner {
      id = data.aws_canonical_user_id.current.id
    }
  }
  bucket = aws_s3_bucket.example.id
  depends_on = ["aws_s3_bucket_ownership_controls.example"]
}

resource "aws_s3_bucket_ownership_controls" "example" {
  bucket = aws_s3_bucket.example.id

  rule {
    object_ownership = "BucketOwnerPreferred"
  }
}

© 2024 asecurecloud. All rights reserved.