provider/aws: Add aws_s3_bucket_policy resource #8615
3abd21c to c251c5f
Just realised I forgot the docs, will add.
package aws | ||
|
||
import ( | ||
//"encoding/json" |
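Review bot: the commented-out `//"encoding/json"` line in the import block is dead code and should be deleted rather than merged commented out; if the package is needed again the import can simply be added back.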
Worth removing?
A few reviews, and a meta question: I have no problem with that lib being under your account, but I also wouldn't be against it just being a sub-library within the Terraform repo if it is fairly specialized to us. Either way.
This commit adds a new "attachment" style resource for setting the policy of an AWS S3 bucket. This is desirable such that the ARN of the bucket can be referenced in an IAM Policy Document. In addition, we now suppress diffs on the (now-computed) policy in the S3 bucket for structurally equivalent policies, which prevents flapping because of whitespace and map ordering changes made by the S3 endpoint.
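The structural comparison the commit message describes, as an added Go example that is neither this PR's code nor the vendored library's. It goes beyond whitespace and key order by assuming that under `Action` and `Resource` a lone string equals a one-element list and that list order is irrelevant; `normalize`, `policiesEquivalent` and the sample policies are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"reflect"
	"sort"
)

// Constructed sample policies; example-bucket is a placeholder name.
const written = `{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":"*","Action":"s3:GetObject","Resource":"arn:aws:s3:::example-bucket/*"}]}`
const returned = `{ "Statement": [ { "Resource": "arn:aws:s3:::example-bucket/*", "Action": ["s3:GetObject"], "Principal": "*", "Effect": "Allow" } ], "Version": "2012-10-17" }`
const widened = `{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":"*","Action":"s3:*","Resource":"arn:aws:s3:::example-bucket/*"}]}`

// normalize canonicalises decoded JSON; set marks values under Action or Resource.
func normalize(v interface{}, set bool) interface{} {
	switch t := v.(type) {
	case string:
		if set { // assumption: a lone string equals a one-element list
			return []interface{}{t}
		}
	case []interface{}:
		for i := range t {
			t[i] = normalize(t[i], false)
		}
		if set { // assumption: order inside these lists carries no meaning
			sort.Slice(t, func(i, j int) bool { return fmt.Sprint(t[i]) < fmt.Sprint(t[j]) })
		}
	case map[string]interface{}: // decoding into a map already discards key order
		for k, val := range t {
			t[k] = normalize(val, k == "Action" || k == "Resource")
		}
	}
	return v
}

func policiesEquivalent(a, b string) (bool, error) {
	var x, y interface{}
	if err := json.Unmarshal([]byte(a), &x); err != nil {
		return false, err
	}
	err := json.Unmarshal([]byte(b), &y)
	return err == nil && reflect.DeepEqual(normalize(x, false), normalize(y, false)), err
}

func main() {
	fmt.Println(policiesEquivalent(written, returned))
	fmt.Println(policiesEquivalent(written, widened))
}
```

A comparison like this should only ever err toward reporting a difference: a false "equivalent" would hide a real change to who can access the bucket.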
ffeb930 to 93f31fc
I think over time (once we have more confidence in effectiveness across a wider range of policy types) we should bring it to be a helper library in the AWS provider. For now I think it's better to keep it vendored so it can be worked on separately without risking regression in Terraform?
LGTM!
@mitchellh the change here that introduces
Either the test or the ReadFunc needs to be updated, I haven't looked into this yet.