Amazon web services Terraform：授予ElastiCache用户导出到S3 Bucket的权限_Amazon Web Services_Amazon S3_Terraform_Amazon Iam_Amazon Elasticache

Amazon web services Terraform：授予ElastiCache用户导出到S3 Bucket的权限

amazon-web-services amazon-s3 terraform

Amazon web services Terraform：授予ElastiCache用户导出到S3 Bucket的权限,amazon-web-services,amazon-s3,terraform,amazon-iam,amazon-elasticache,Amazon Web Services,Amazon S3,Terraform,Amazon Iam,Amazon Elasticache,我想将快照从ElastiCache导出到S3。通过以下步骤手动设置相对容易。然而，我希望通过使用terraform以编程的方式实现这一点它在文件中指出： 5. Choose Access Control List. <snip /> 8. Set the permissions on the bucket by choosing Yes for: a. List objects b. Write objects c. Read bucket permissio

我想将快照从ElastiCache导出到S3。通过以下步骤手动设置相对容易。然而，我希望通过使用terraform以编程的方式实现这一点

它在文件中指出：

5. Choose Access Control List.

<snip />

8. Set the permissions on the bucket by choosing Yes for:
   a. List objects
   b. Write objects
   c. Read bucket permissions

GITHUB

我发现了两个与此相关的问题（代码尚未合并）：

我猜在这两个问题中的一个得到解决之前，这可能是不可能的。

根据错误，您可能是ElasticCache主体，无法读取Bucket访问控制策略权限。您需要专门基于此页面添加一些附加权限

根据错误，您似乎是ElasticCache主体，无法读取Bucket访问控制策略权限。您需要专门基于此页面添加一些附加权限

我收到相同的“Elasticache未被授予ReadACP权限”错误我收到相同的“Elasticache未被授予ReadACP权限”错误

data "aws_iam_policy_document" "my_backups" {
  statement {
    actions = [
      "s3:GetBucketAcl",
      "s3:ListBucket",
      "s3:PutObject",
      "s3:DeleteObject",
    ]

    resources = [
      "arn:aws:s3:::my-backups",
      "arn:aws:s3:::my-backups/*",
    ]

    principals {
      type        = "CanonicalUser"
      identifiers = ["540804c33a284a299d2547575ce1010f2312ef3da9b3a053c8bc45bf233e4353"]
    }
  }
}

resource "aws_s3_bucket" "my_backups" {
  bucket = "my-backups"
  policy = "${data.aws_iam_policy_document.my_backups.json}"
}

{
"Statement":
    {
    "Effect": "Allow",
    "Action": [
        "s3:GetBucketLocation",
        "s3:ListAllMyBuckets"
        ],
    "Resource": "arn:aws:s3:::*"
    }
    "Version": "2012-10-17"
}