Amazon web services Terraform:授予ElastiCache用户导出到S3 Bucket的权限
我想将快照从ElastiCache导出到S3。通过以下步骤手动设置相对容易。然而,我希望通过使用terraform以编程的方式实现这一点 它在文件中指出:Amazon web services Terraform:授予ElastiCache用户导出到S3 Bucket的权限,amazon-web-services,amazon-s3,terraform,amazon-iam,amazon-elasticache,Amazon Web Services,Amazon S3,Terraform,Amazon Iam,Amazon Elasticache,我想将快照从ElastiCache导出到S3。通过以下步骤手动设置相对容易。然而,我希望通过使用terraform以编程的方式实现这一点 它在文件中指出: 5. Choose Access Control List. <snip /> 8. Set the permissions on the bucket by choosing Yes for: a. List objects b. Write objects c. Read bucket permissio
5. Choose Access Control List.
<snip />
8. Set the permissions on the bucket by choosing Yes for:
a. List objects
b. Write objects
c. Read bucket permissions
GITHUB
我发现了两个与此相关的问题(代码尚未合并):
我猜在这两个问题中的一个得到解决之前,这可能是不可能的。根据错误,您可能是ElasticCache主体,无法读取Bucket访问控制策略权限。您需要专门基于此页面添加一些附加权限
根据错误,您似乎是ElasticCache主体,无法读取Bucket访问控制策略权限。您需要专门基于此页面添加一些附加权限
我收到相同的“Elasticache未被授予ReadACP权限”错误我收到相同的“Elasticache未被授予ReadACP权限”错误
data "aws_iam_policy_document" "my_backups" {
statement {
actions = [
"s3:GetBucketAcl",
"s3:ListBucket",
"s3:PutObject",
"s3:DeleteObject",
]
resources = [
"arn:aws:s3:::my-backups",
"arn:aws:s3:::my-backups/*",
]
principals {
type = "CanonicalUser"
identifiers = ["540804c33a284a299d2547575ce1010f2312ef3da9b3a053c8bc45bf233e4353"]
}
}
}
resource "aws_s3_bucket" "my_backups" {
bucket = "my-backups"
policy = "${data.aws_iam_policy_document.my_backups.json}"
}
{
"Statement":
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Resource": "arn:aws:s3:::*"
}
"Version": "2012-10-17"
}