Reputation: 309
Terraform aws_s3_bucket_policy syntax is unclear
In the terraform documentation we are provided with the markup as attached below. I cant find any mention of what the purpose of the field "b" is and how it should be used in general.
resource "aws_s3_bucket" "b" {
bucket = "my_tf_test_bucket"
}
resource "aws_s3_bucket_policy" "b" {
bucket = "${aws_s3_bucket.b.id}"
policy =<<POLICY
{
"Version": "2012-10-17",
"Id": "MYBUCKETPOLICY",
"Statement": [
{
"Sid": "IPAllow",
"Effect": "Deny",
"Principal": "*",
"Action": "s3:*",
"Resource": "arn:aws:s3:::my_tf_test_bucket/*",
"Condition": {
"IpAddress": {"aws:SourceIp": "8.8.8.8/32"}
}
}
]
}
POLICY
}
Upvotes: 1
Views: 825
Answers (1)
Reputation: 921
"b" is simply the NAME of the resource that you are creating.
Terraform resources are defined in "blocks", and each resource block creates a resource of the given TYPE (first parameter) and NAME (second parameter). The combination of the type and name must be unique.
So, in your example, you are creating a resource of TYPE aws_s3_bucket and NAME b.
Each resource defined has an id, that you can use to refer this resource in other resources, using a syntax like TYPE.NAME.id, for example ${aws_s3_bucket.b.id}
You can find further information in the doc here: https://www.terraform.io/docs/configuration/resources.html
Upvotes: 3
Related Questions
- Having trouble with a applying a bucket policy via Terraform
- How do I create an S3 bucket policy from a template in Terraform 0.12?
- Error putting S3 policy: MalformedPolicy: Invalid policy syntax
- Creating S3 policy with terraform
- terraform, s3 bucket policy
- Why am I getting a cycle error when setting a S3 bucket policy with a template file?
- Terraform tries to create s3 bucket policy although it exists
- Terraform use existing policy for s3 bucket
- Malformed S3 policy from Terraform
- terraform v0.9 - s3 backend, syntax issue