Fatal编程技术网
  • json/
  • Terraform验证json策略失败

Terraform验证json策略失败

json validation terraform

Terraform验证json策略失败,json,validation,terraform,Json,Validation,Terraform,我正在尝试使用带有自定义json策略的terraform文件创建一个S3 bucket。我找不到JSON格式的问题。Terraform validate出现错误 错误:“策略”包含无效的JSON:查找值开头的字符“s”无效 在线 } 我能够通过JSONLINT.com进行验证,发现这不是JSON格式的问题,而是与terraform处理JSON有关的问题这不是一个实际的解决方案,但当我将JSON策略内容移动到terraform文件时,通过在 policy = <<POLICY

我正在尝试使用带有自定义json策略的terraform文件创建一个S3 bucket。我找不到JSON格式的问题。Terraform validate出现错误

错误:“策略”包含无效的JSON:查找值开头的字符“s”无效 在线

}

我能够通过JSONLINT.com进行验证,发现这不是JSON格式的问题,而是与terraform处理JSON有关的问题这不是一个实际的解决方案,但当我将JSON策略内容移动到terraform文件时,通过在

    policy = <<POLICY
     {
 {
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "Explicit deny",
        "Effect": "Deny",
        "Principal": "*",
        "Action": "s3:*",
        "Resource": [
            "arn:xxx-xx-xxx:s3:::s999999999999-9999-99999",
            "arn:xxx-xx-xxx:s3:::s999999999999-9999-99999/*"
        ],
        "Condition": {
            "StringNotLike": {
                "aws:userId": [
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "999999999999"
                ]
            }
        }
    },
    {
        "Sid": "Policy Modification",
        "Effect": "Deny",
        "Principal": "*",
        "Action": [
            "s3:cUSTOMpoLICY",
            "s3:cUSTOMpoLICY"
        ],
        "Resource": [
            "arn:xxx-xx-xxx:s3:::s999999999999-9999-99999",
            "arn:xxx-xx-xxx:s3:::s999999999999-9999-99999/*"
        ],
        "Condition": {
            "StringNotLike": {
                "aws:userId": [
                    "XXXXXXXXXXXXXXXXXXXXX:*",
                    "999999999999"
                ]
            }
        }
    }
]

策略=

    policy = <<POLICY
     {
 {
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "Explicit deny",
        "Effect": "Deny",
        "Principal": "*",
        "Action": "s3:*",
        "Resource": [
            "arn:xxx-xx-xxx:s3:::s999999999999-9999-99999",
            "arn:xxx-xx-xxx:s3:::s999999999999-9999-99999/*"
        ],
        "Condition": {
            "StringNotLike": {
                "aws:userId": [
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "XXXX9999XXXXXXXXXXXXX:*",
                    "999999999999"
                ]
            }
        }
    },
    {
        "Sid": "Policy Modification",
        "Effect": "Deny",
        "Principal": "*",
        "Action": [
            "s3:cUSTOMpoLICY",
            "s3:cUSTOMpoLICY"
        ],
        "Resource": [
            "arn:xxx-xx-xxx:s3:::s999999999999-9999-99999",
            "arn:xxx-xx-xxx:s3:::s999999999999-9999-99999/*"
        ],
        "Condition": {
            "StringNotLike": {
                "aws:userId": [
                    "XXXXXXXXXXXXXXXXXXXXX:*",
                    "999999999999"
                ]
            }
        }
    }
]