bdeshi/resume-manpage-iac
0
0
Fork 0
Code Issues Pull Requests Releases Activity

iac: fix s3 bucket kms key id

Browse Source
This commit is contained in:
bdeshi
2024-05-17 08:13:04 +06:00
parent 3311921b89
commit 4e0c04d8d3
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
provider.aws.data.tf
View File

@ -1,5 +1,9 @@
data "aws_caller_identity" "current" {} data "aws_caller_identity" "current" {}
data "aws_kms_alias" "aws_s3" {
name = "alias/aws/s3"
}
data "aws_iam_policy_document" "s3_cloudfront_access" { data "aws_iam_policy_document" "s3_cloudfront_access" {
statement { statement {
principals { principals {

5
provider.aws.s3.tf
View File

@ -14,9 +14,10 @@ resource "aws_s3_bucket_public_access_block" "created" {
resource "aws_s3_bucket_server_side_encryption_configuration" "created" { resource "aws_s3_bucket_server_side_encryption_configuration" "created" {
bucket = aws_s3_bucket.created.id bucket = aws_s3_bucket.created.id
rule { rule {
bucket_key_enabled = true
apply_server_side_encryption_by_default { apply_server_side_encryption_by_default {
kms_master_key_id = "aws/s3" sse_algorithm = "AES256"
sse_algorithm = "aws:kms" # kms_master_key_id = data.aws_kms_alias.aws_s3.arn
} }
} }
} }