Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

provider/aws: Add iam_arn to aws_cloudfront_origin_access_identity #6955

Conversation

vancluever
Copy link
Contributor

I've noticed that when S3 normalizes a bucket policy it takes the CanonicalUser principal and converts it to an AWS one, with an ARN like:

arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ABCD123456

This of course causes more of the spurious diffs that we all know and love ;)

So, I've added the iam_arn to the aws_cloudfront_origin_access_identity resource and included some notes in the docs.

Add the iam_arn attribute to aws_cloudfront_origin_access_identity,
which computes the IAM ARN for a certain CloudFront origin access
identity.

This is necessary because S3 modifies the bucket policy if CanonicalUser
is sent, causing spurious diffs with aws_s3_bucket resources.
@catsby
Copy link
Contributor

catsby commented Jun 1, 2016

Thanks!

@catsby catsby merged commit d723e1c into hashicorp:master Jun 1, 2016
@vancluever
Copy link
Contributor Author

Thanks @catsby!

@xenoterracide
Copy link

reading this commit, I thought this would work... http://serverfault.com/q/837851/6852

@ghost
Copy link

ghost commented Apr 15, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 15, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants