iac: fix s3 bucket kms key id

bdeshi 2024-05-17 08:13:04 +06:00
parent 5541743517
commit 25e68e059f
Signed by: bdeshi
GPG Key ID: 410D03DA9A3468E0
2 changed files with 7 additions and 2 deletions


@ -1,5 +1,9 @@
data "aws_caller_identity" "current" {}
data "aws_kms_alias" "aws_s3" {
name = "alias/aws/s3"
}
data "aws_iam_policy_document" "s3_cloudfront_access" {
statement {
principals {
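Review bot: The new `data "aws_kms_alias" "aws_s3"` lookup is not consumed by anything live on this page; its only reference is the commented-out `kms_master_key_id` line in the bucket encryption resource. A data source is still read on every plan, and as far as I know the `alias/aws/s3` alias exists only once the AWS-managed key has been created in that account and region, so a fresh account could fail the plan on a value nothing uses. Either wire it into the encryption rule or remove it until it is needed; if it stays, a comment such as `# AWS-managed S3 key, referenced by the bucket's default-encryption rule` would make the intent clear.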


@ -14,9 +14,10 @@ resource "aws_s3_bucket_public_access_block" "created" {
resource "aws_s3_bucket_server_side_encryption_configuration" "created" {
bucket = aws_s3_bucket.created.id
rule {
bucket_key_enabled = true
apply_server_side_encryption_by_default {
kms_master_key_id = "aws/s3"
sse_algorithm = "aws:kms"
sse_algorithm = "AES256"
# kms_master_key_id = data.aws_kms_alias.aws_s3.arn
}
}
}
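Review bot: The default-encryption rule appears to end up on `sse_algorithm = "AES256"` with the KMS key line commented out, so the bucket moves from SSE-KMS to SSE-S3 and loses the KMS key-policy and CloudTrail key-usage controls, which the commit title does not signal. The page has lost its +/- markers, so this reading is inferred from the hunk counts rather than read directly. `bucket_key_enabled = true` applies only to SSE-KMS, so it has no effect next to AES256. If KMS is intended, keep `sse_algorithm = "aws:kms"` and set `kms_master_key_id = data.aws_kms_alias.aws_s3.target_key_arn`; if SSE-S3 is the deliberate choice (for instance because the CloudFront principal cannot be granted use of the AWS-managed key), drop the bucket-key flag and replace the commented-out line with a comment stating that reason.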