Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
T
tf_mod_aws_cloudtrail_ops
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
steamhaus
tf_mod_aws_cloudtrail_ops
Commits
3cf85a3c
Commit
3cf85a3c
authored
Dec 15, 2016
by
Chris Merrett
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fixed syntax of formatlist
parent
2aef5c52
Pipeline
#773
passed with stage
in 6 seconds
Changes
2
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
3 additions
and
31 deletions
+3
-31
main.tf
main.tf
+3
-3
s3_policy.json.tpl
s3_policy.json.tpl
+0
-28
No files found.
main.tf
View file @
3cf85a3c
...
...
@@ -17,7 +17,7 @@ data "aws_iam_policy_document" "main" {
sid
=
"AWSCloudTrailAclCheck"
effect
=
"Allow"
actions
=
[
"s3:GetBucketAcl"
]
resources
=
"arn:aws:s3:::
${
var
.
customer_name
}
-
${
var
.
environment
}
-cloudtrail"
resources
=
[
"arn:aws:s3:::
${
var
.
customer_name
}
-
${
var
.
environment
}
-cloudtrail"
]
principals
{
type
=
"Service"
...
...
@@ -29,7 +29,7 @@ data "aws_iam_policy_document" "main" {
sid
=
"AWSCloudTrailWrite"
effect
=
"Allow"
actions
=
[
"s3:PutObject"
]
resources
=
"arn:aws:s3:::
${
var
.
customer_name
}
-
${
var
.
environment
}
-cloudtrail/*"
resources
=
[
"arn:aws:s3:::
${
var
.
customer_name
}
-
${
var
.
environment
}
-cloudtrail/*"
]
principals
{
type
=
"Service"
...
...
@@ -47,7 +47,7 @@ data "aws_iam_policy_document" "main" {
sid
=
"AWSCloudTrailWrite"
effect
=
"Allow"
actions
=
[
"s3:PutObject"
]
resources
=
[
"
${
formatlist
(
"arn:aws:s3:::
$
${
var
.
customer_name
}
-
$
${
var
.
environment
}
-cloudtrail/AWSLogs/%s/*"
,
var
.
child_accounts
)
}
"
]
resources
=
[
"
${
formatlist
(
"arn:aws:s3:::
$
{
var
.
customer_name
}
-
${
var
.
environment
}
-cloudtrail/AWSLogs/%s/*"
,
var
.
child_accounts
)
}
"
]
principals
{
type
=
"Service"
...
...
s3_policy.json.tpl
deleted
100644 → 0
View file @
2aef5c52
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AWSCloudTrailAclCheck",
"Effect": "Allow",
"Principal": {
"Service": "cloudtrail.amazonaws.com"
},
"Action": "s3:GetBucketAcl",
"Resource": "arn:aws:s3:::$
{
customer_name
}
-$
{
environment
}
-cloudtrail"
},
{
"Sid": "AWSCloudTrailWrite",
"Effect": "Allow",
"Principal": {
"Service": "cloudtrail.amazonaws.com"
},
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::$
{
customer_name
}
-$
{
environment
}
-cloudtrail/*",
"Condition": {
"StringEquals": {
"s3:x-amz-acl": "bucket-owner-full-control"
}
}
}
]
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
