
I'm trying to create a policy for my AWS S3 VPC endpoint via Terraform.

My Terraform:

  policy = jsonencode({
    Sid       = "Restrict-Access-To-Specific-Bucket"
    Principal = "*"
    Action    = "*"
    Effect    = "Allow"
    Resource = [
      "arn:aws:s3:::${aws_s3_bucket.snowflake-data-bucket-raw.id}",
      "arn:aws:s3:::${aws_s3_bucket.snowflake-data-bucket-raw.id}/*"
    ]
  })

When I use it, I get the following error:

│ Error: Error creating VPC Endpoint: InvalidPolicyDocument: Please provide a valid VPC Endpoint policy
│       status code: 400, request id: 1b08a075-0c65-4f1c-92a9-bcbeced15db1

I'm not sure whether my formatting is off or whether I'm missing a field somewhere. Any help would be appreciated.


1 Answer


You are missing the Statement array, which should wrap everything inside jsonencode({

See examples here:

https://cloudonaut.io/defining-iam-policies-with-terraform/
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy

answered 2021-12-03T23:36:35.593
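The fix the answer describes, as an added example (not the asker's or the answerer's code): the same policy wrapped in a Statement array with a Version field, attached to an aws_vpc_endpoint. The aws_vpc.main reference and the aws_region data lookup are assumptions; the bucket resource name is the one from the question.

```hcl
# Added example, not from the original post. Assumed: a VPC resource named
# aws_vpc.main; the bucket resource name is taken from the question.
data "aws_region" "current" {}

resource "aws_vpc_endpoint" "s3" {
  vpc_id            = aws_vpc.main.id   # assumed VPC resource
  service_name      = "com.amazonaws.${data.aws_region.current.name}.s3"
  vpc_endpoint_type = "Gateway"

  # A VPC endpoint policy is a full IAM policy document: the statement must
  # sit inside a Statement array, which is what the original snippet lacked.
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Sid       = "Restrict-Access-To-Specific-Bucket"
        Effect    = "Allow"
        Principal = "*"
        Action    = "*"
        Resource = [
          aws_s3_bucket.snowflake-data-bucket-raw.arn,
          "${aws_s3_bucket.snowflake-data-bucket-raw.arn}/*",
        ]
      }
    ]
  })
}
```

An endpoint policy only limits which buckets traffic through this endpoint can reach; it grants nothing by itself, so the IAM and bucket policies still decide who can actually read or write those objects.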