# Identity (account, ARN, user id) of the credentials Terraform runs with.
# Takes no arguments; where it is consumed is not visible in this listing.
data "aws_caller_identity" "current" {
}
# Looks up the KMS alias "alias/aws/s3", the AWS managed key for S3.
# NOTE(review): the consumer of this lookup is not visible here. If it is used
# as the bucket's SSE-KMS key, confirm CloudFront can still read the objects:
# the key policy of an AWS managed key cannot be edited to grant the
# distribution decrypt access, so that setup needs a customer managed key.
data "aws_kms_alias" "aws_s3" { name = "alias/aws/s3" }
# Policy document that lets the CloudFront service principal read from the
# bucket, restricted to requests made on behalf of one distribution.
# No effect is set, so the statement uses the data source's default (Allow).
data "aws_iam_policy_document" "s3_cloudfront_access" {
  statement {
    # NOTE(review): s3:ListBucket is not needed to serve objects. With it,
    # requests for missing keys return 404 instead of 403, and a request that
    # reaches the bucket root through the distribution can return a key
    # listing. Confirm the distribution sets default_root_object, or drop the
    # action if the 404 behaviour is not required.
    actions = ["s3:GetObject", "s3:ListBucket"]

    resources = [
      aws_s3_bucket.created.arn,        # the bucket itself (ListBucket)
      "${aws_s3_bucket.created.arn}/*", # every object in it (GetObject)
    ]

    principals {
      identifiers = ["cloudfront.amazonaws.com"]
      type        = "Service"
    }

    # Confused-deputy guard: the service principal is shared by every
    # CloudFront distribution in every account, so access is pinned to this
    # distribution's ARN. Without this condition any distribution could read
    # the bucket.
    condition {
      variable = "AWS:SourceArn"
      test     = "StringEquals"
      values   = [aws_cloudfront_distribution.created.arn]
    }
  }
}
# Policy document with no principals block, so presumably an identity policy
# for whatever user or role publishes content; the attachment is not visible
# in this listing.
#
# NOTE(review): both action lists are service-wide wildcards. On these
# resources "s3:*" includes s3:DeleteBucket and s3:PutBucketPolicy (the holder
# can rewrite the bucket policy above), and "cloudfront:*" includes
# cloudfront:UpdateDistribution and cloudfront:DeleteDistribution. If the
# publisher only uploads objects and invalidates the cache, a set such as
# s3:PutObject, s3:DeleteObject, s3:ListBucket and cloudfront:CreateInvalidation
# would be least privilege. Confirm against what the publisher actually calls
# before narrowing.
#
# NOTE(review): "pubilsher" looks like a typo for "publisher". The name is kept
# because references elsewhere (data.aws_iam_policy_document.pubilsher) would
# break; rename both sides together.
data "aws_iam_policy_document" "pubilsher" {
  statement {
    resources = [
      aws_s3_bucket.created.arn,               # bucket-level actions
      "${aws_s3_bucket.created.arn}/*",        # object-level actions
      aws_cloudfront_distribution.created.arn, # the distribution
    ]

    actions = ["s3:*", "cloudfront:*"]
  }
}