cross-post BUG
I was about to create a bug ticket and saw the link to your Slack. So I want to make sure it's a bug before opening a ticket.
It's about the terraform-aws-s3-bucket.
If you specify the privileged_principal_arns option, it will never create a bucket policy. Is this wanted behaviour, since the aws_iam_policy_document is created?
My guess is that the privileged_principal_arns is missing in the count option here:
resource "aws_s3_bucket_policy" "default" {
  count      = local.enabled && (var.allow_ssl_requests_only || var.allow_encrypted_uploads_only || length(var.s3_replication_source_roles) > 0 || var.policy != "") ? 1 : 0
  bucket     = join("", aws_s3_bucket.default.*.id)
  policy     = join("", data.aws_iam_policy_document.aggregated_policy.*.json)
  depends_on = [aws_s3_bucket_public_access_block.default]
}
OK, I am almost 100% sure it's a bug, so here are the issue and the PR:
Bug-Issue: https://github.com/cloudposse/terraform-aws-s3-bucket/issues/100
PR: https://github.com/cloudposse/terraform-aws-s3-bucket/pull/101