I am taking my first steps in Terraform for AWS and I want to create an S3 bucket and set "block all public access" to ON.
Versions:
Terraform v0.12.24 + provider.aws v2.60.0
File provider.tf:
    provider "aws" {
      region  = "eu-west-1"
      profile = "<myprofile>"
    }
File s3.tf:
    resource "aws_s3_bucket" "<myname>" {
      bucket = "<myname>"
      region = "eu-west-1"
    }
    resource "aws_s3_bucket_public_access_block" "<myname>" {
      bucket                  = "aws_s3_bucket.<myname>.id"
      block_public_acls       = true
      block_public_policy     = true
      ignore_public_acls      = true
      restrict_public_buckets = true
    }
The values in <> are my own values, and where the same value appears in my file, I used the same example value here (so in the s3.tf file it's just one name for all the variables).
If I run
terraform apply
it will create everything, but at the "aws_s3_bucket_public_access_block" it will time out after about 1 minute and tell me:
Error: error creating public access block policy for S3 bucket (aws_s3_bucket.<myname>.id): NoSuchBucket: The specified bucket does not exist
status code: 404
I also tried to add
depends_on = [ aws_s3_bucket.<myname> ]
in the "aws_s3_bucket_public_access_block", but it doesn't work either.
I searched and tried and searched, but nothing really works. Someone reported an error about it and said I must set AWS_REGION globally in an .env file; I tried it and it didn't work either.
To control public access to the S3 bucket, use the aws_s3_bucket_public_access_block resource in your Terraform code.
Resource: aws_s3_bucket_public_access_block. Manages S3 bucket-level Public Access Block configuration. For more information about these settings, see the AWS S3 Block Public Access documentation.
By default, new buckets, access points, and objects do not allow public access. For more information, see Blocking public access to your Amazon S3 storage. You can use the S3 console, AWS CLI, AWS SDKs, and REST API to configure block public access settings for your bucket.
For more information about these settings, see the AWS S3 Block Public Access documentation. Each AWS account may only have one S3 Public Access Block configuration. Multiple configurations of the resource against the same AWS account will cause a perpetual difference.
In the Access column, Amazon S3 labels the permissions for a bucket as follows: Public – Everyone has access to one or more of the following: List objects, Write objects, Read and write permissions. Objects can be public – The bucket is not public, but anyone with the appropriate permissions can grant public access to objects.
Your reference to the S3 bucket is incorrect.
Change:
    bucket = "aws_s3_bucket.<myname>.id"
To:
    bucket = aws_s3_bucket.<myname>.id
No double quotes, since you are referencing another resource.
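The corrected configuration from the answer above, written out in full as an added example (not part of the original posts). The resource label "example", the profile name and the bucket name are placeholders chosen for illustration.

```hcl
provider "aws" {
  region  = "eu-west-1"
  profile = "my-profile" # placeholder: use your own CLI profile name
}

resource "aws_s3_bucket" "example" {
  bucket = "my-example-bucket-name" # placeholder bucket name
}

resource "aws_s3_bucket_public_access_block" "example" {
  # Before (broken): the quotes make this a literal string, so the provider
  # asks S3 for a bucket literally named "aws_s3_bucket.example.id". That is
  # the name shown in the NoSuchBucket error in the question.
  #
  #   bucket = "aws_s3_bucket.example.id"

  # After (fixed): an unquoted expression is a reference to the bucket
  # resource. Terraform resolves it to the real bucket name and also infers
  # the dependency, so the bucket is created first and no depends_on is needed.
  bucket = aws_s3_bucket.example.id

  # All four settings together correspond to "Block all public access: On".
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}
```

Running terraform plan before applying shows the difference: with the reference form, the bucket argument of the public access block resolves to the bucket's real name (or is marked as known after apply) instead of the literal reference text.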