我想在我的ubuntu docker容器上部署我的地形模板。我在env-vars、terraform和/.aws/credentials中设置了容器中的密钥。一开始我有管理权限的密钥,但后来我也尝试了根密钥,但没有成功。
我尝试过的地形版本是0.14和1.2.6
这就是错误:
状态代码:403,请求id:xxx,主机id:xxx=:时间戳=2022-08-12T16:18:50.169Z 2022/08/12 16:18:50[DEBUG]aws_s3_bucket_root_bucket:apply-errored,但我们通过错误指针而不是返回它来指示:创建s3存储桶时出错:AccessDenied:Access Denied状态代码403,请求id:xxx,主机id:xxx=
这是代码和json:
resource "aws_s3_bucket" "root_bucket" {
bucket = var.bucket_name
acl = "public-read"
policy = templatefile("templates/s3-policy.json", { bucket = var.bucket_name })
website {
redirect_all_requests_to = "https://www.${var.domain_name}"
}
tags = var.common_tags
}
# json below
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::${bucket}/*"
}
]
}
# provider file below
terraform {
required_version = "~> 1.2.6"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
}
}
backend "s3" {
bucket = "skapawebb-terraform"
key = "prod/terraform.tfstate"
region = "eu-north-1"
access_key = “xxx”
secret_key = “xxx"
}
}
provider "aws" {
region = "eu-north-1"
access_key = “xxx”
secret_key = “xxx”
}
provider "aws" {
alias = "acm_provider"
region = "us-east-1"
}
发生这种情况可能有两个原因:
- 您正在将公共政策添加到您的存储桶中,并且
- 您已为帐户的帐户启用阻止公用访问设置
您必须禁用帐户的阻止公共访问设置,然后才能使用公共策略创建任何存储桶。