diff options
| author | Alex Schofield <git@ajschof.me> | 2024-08-20 15:15:28 +0100 |
|---|---|---|
| committer | Alex Schofield <git@ajschof.me> | 2024-08-20 15:15:28 +0100 |
| commit | 5493cdc71da4730c4e388d9718f278bc2f14badf (patch) | |
| tree | dceb10fd2297a5f0021722d8423b392a09cabe60 /terraform | |
| parent | 2a914add8391f345ee1096b9deb729c05d3e06c3 (diff) | |
| download | de-project-bentley-5493cdc71da4730c4e388d9718f278bc2f14badf.tar.gz de-project-bentley-5493cdc71da4730c4e388d9718f278bc2f14badf.zip | |
infra(tf): add ListBucket and GetObject permissions
Diffstat (limited to 'terraform')
| -rw-r--r-- | terraform/iam.tf | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/terraform/iam.tf b/terraform/iam.tf index 3ac8c45..3d62b69 100644 --- a/terraform/iam.tf +++ b/terraform/iam.tf @@ -41,7 +41,8 @@ data "aws_iam_policy_document" "s3_data_policy_doc" { "s3:PutObjectTagging", "s3:PutObjectAcl", "s3:ListObjects", - "s3:ListObjectsV2" + "s3:ListObjectsV2", + "s3:GetObject" ] resources = [ "${aws_s3_bucket.extract_bucket.arn}/*", @@ -53,8 +54,10 @@ data "aws_iam_policy_document" "s3_data_policy_doc" { statement { effect = "Allow" actions = [ - "s3:ListBuckets", - "s3:ListAllMyBuckets" + "s3:ListBucket", + "s3:ListAllMyBuckets", + "s3:ListObjectsV2", + "s3:ListObjects" ] resources = [ "arn:aws:s3:::*", |