我为S3桶配置了以下配置,以便在cloudfront中部署静态UI:
resource "aws_s3_bucket" "admin-app-s3" {
bucket = "admin-app-${var.environment}"
acl = "public-read"
}
resource "aws_s3_bucket_policy" "admin-app-s3-policy1" {
bucket = aws_s3_bucket.admin-app-s3.id
policy = jsonencode({
Version = "2012-10-17"
Id = "admin-app-${var.environment}-policy1"
Statement = [
{
Sid = "Stmt##########"
Effect = "Allow"
Principal = {
AWS = ["arn:aws:iam::##########:user/gitlab-deployments"]
}
Action = "s3:*"
Resource = "arn:aws:s3:::admin-app-${var.environment}/*"
},
{
Sid = "Stmt##########"
Effect = "Allow"
Principal = "*"
Action = ["s3:GetObject","s3:GetObjectVersion"]
Resource = "arn:aws:s3:::admin-app-${var.environment}/*"
}
]
})
}
resource "aws_s3_bucket_website_configuration" "admin-app-configuration1" {
bucket = aws_s3_bucket.admin-app-s3.bucket
index_document {
suffix = "index.html"
}
error_document {
key = "index.html"
}
}
正在工作,然而:
acl = "public-read">
是弃用,你必须使用aws_s3_bucket_acl资源。但是,当我替换我的代码添加aws_s3_bucket_acl资源时,我在S3配置中丢失了访问控制列表(ACL),然后通过权限问题无法在web浏览器中加载资源:
resource "aws_s3_bucket" "admin-app-s3" {
bucket = "admin-app-${var.environment}"
}
resource "aws_s3_bucket_acl" "acl1" {
bucket = aws_s3_bucket.admin-app-s3.id
acl = "public-read"
}
我的问题,就像标题一样是为什么AWS S3资源的非弃用变体不能在Terraform中工作,而弃用选项正在工作??我的代码现在运行与弃用的选项,但我随时更新将需要。这是地形的问题?
我正在使用Terraform v1.2.2和AWS提供商v3.75.2
修复了将Terraform的AWS提供商版本从3.75.2升级到4.22.0的问题