StevieHyperB

Reputation: 347

Terraform provisioner local-exec - aws cli

Trying to use the AWS CLI to put-public-access-block on an S3 bucket, but running into an issue and cannot work it out.

This is my code:

resource "aws_s3_bucket" "test" {
  bucket = "blah-blah"

  versioning {
    enabled = false
  }

  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        sse_algorithm = "AES256"
      }
    }
  }

  tags {
    Name = "blah-blah"
  }
}

resource "null_resource" "s3publicpol" {
  provisioner "local-exec" {
    command = "aws s3api put-public-access-block --bucket blah-blah --public-access-block-configuration BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"
  }
}

When running this from Terraform I am getting this message:

An error occurred (AccessDenied) when calling the PutPublicAccessBlock operation: Access Denied

But when I try and run the AWS CLI and run the command above myself it works perfectly fine, so I have the permissions within AWS.

Am I missing something I need to do locally for Terraform?

Cheers, Stephen

Upvotes: 3

Views: 6301

Answers (1)

gbeaven

Reputation: 1800

The aws_s3_bucket_public_access_block resource is now natively supported in Terraform:

resource "aws_s3_bucket_public_access_block" "example" {
  bucket = aws_s3_bucket.example.id

  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

Upvotes: 1
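
One way to confirm the result after `terraform apply`, as an added example that is not part of the original answer: it reads the JSON structure that `terraform show -json` prints and reports every managed `aws_s3_bucket` that has no matching `aws_s3_bucket_public_access_block`, or has one with any of the four settings not set to true. The sample state, the bucket names other than `blah-blah`, and the helper names are constructed for illustration; matching on `values.bucket` assumes the block's `bucket` argument resolves to the bucket name.

```python
FLAGS = ("block_public_acls", "block_public_policy",
         "ignore_public_acls", "restrict_public_buckets")

def iter_resources(module):
    """Yield resources from a module and from every nested child module."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def unprotected_buckets(state):
    """Map each bucket address to its problems; fully blocked buckets are omitted."""
    root = state.get("values", {}).get("root_module", {})
    resources = list(iter_resources(root))
    # Index the access-block resources by the bucket name they apply to.
    blocks = {r["values"].get("bucket"): r["values"] for r in resources
              if r["type"] == "aws_s3_bucket_public_access_block"}
    findings = {}
    # Data sources of the same type are skipped; only managed buckets are audited.
    for r in (x for x in resources
              if x["type"] == "aws_s3_bucket" and x.get("mode") != "data"):
        block = blocks.get(r["values"].get("bucket"))
        if block is None:
            problems = ["no aws_s3_bucket_public_access_block"]
        else:
            problems = [f"{f} is not true" for f in FLAGS if block.get(f) is not True]
        if problems:
            findings[r["address"]] = problems
    return findings

def _res(address, rtype, **values):  # builds one constructed state entry
    return {"address": address, "type": rtype, "values": values}

ALL_ON = dict.fromkeys(FLAGS, True)
# Constructed sample state (hypothetical names), not output from a real account.
SAMPLE_STATE = {"values": {"root_module": {
    "resources": [
        _res("aws_s3_bucket.test", "aws_s3_bucket", bucket="blah-blah"),
        _res("aws_s3_bucket_public_access_block.test",
             "aws_s3_bucket_public_access_block", bucket="blah-blah", **ALL_ON),
        _res("aws_s3_bucket.logs", "aws_s3_bucket", bucket="blah-logs"),
        _res("aws_s3_bucket_public_access_block.logs",
             "aws_s3_bucket_public_access_block", bucket="blah-logs",
             **{**ALL_ON, "restrict_public_buckets": False}),
    ],
    "child_modules": [{"address": "module.app", "resources": [
        _res("module.app.aws_s3_bucket.assets", "aws_s3_bucket", bucket="blah-assets"),
    ]}],
}}}

if __name__ == "__main__":
    print(unprotected_buckets(SAMPLE_STATE))
```

To audit a real workspace, replace `SAMPLE_STATE` with the parsed output of `terraform show -json` (for example via `json.load`).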
