Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 9b45e1a

Browse files
🐛 allow CloudFront to access to S3 bucket
1 parent daaa529 commit 9b45e1a

File tree

1 file changed

+29
-4
lines changed

1 file changed

+29
-4
lines changed

‎examples/minimal/main.tf

Lines changed: 29 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -36,23 +36,48 @@ module "basic_auth" {
3636
resource "aws_s3_bucket" "test" {
3737
bucket = "${var.s3_bucket_name}"
3838
acl = "private"
39+
40+
policy = <<EOF
41+
{
42+
"Version":"2012年10月17日",
43+
"Id":"PolicyForCloudFrontPrivateContent",
44+
"Statement":[
45+
{
46+
"Sid": "Grant a CloudFront Origin Identity access to support private content",
47+
"Effect": "Allow",
48+
"Principal": {
49+
"CanonicalUser": "${aws_cloudfront_origin_access_identity.test.s3_canonical_user_id}"
50+
},
51+
"Action": "s3:GetObject",
52+
"Resource": "arn:aws:s3:::${var.s3_bucket_name}/*"
53+
}
54+
]
55+
}
56+
EOF
3957
}
4058

4159
resource "aws_s3_bucket_object" "test" {
42-
bucket = "${aws_s3_bucket.test.id}"
43-
key = "index.html"
44-
source = "index.html"
45-
etag = "${md5(file("index.html"))}"
60+
bucket = "${aws_s3_bucket.test.id}"
61+
key = "index.html"
62+
source = "index.html"
63+
content_type = "text/html"
64+
etag = "${md5(file("index.html"))}"
4665
}
4766

4867
###
4968
# CloudFront
5069
#
5170

71+
resource "aws_cloudfront_origin_access_identity" "test" {}
72+
5273
resource "aws_cloudfront_distribution" "test" {
5374
origin {
5475
domain_name = "${aws_s3_bucket.test.bucket_regional_domain_name}"
5576
origin_id = "S3-${aws_s3_bucket.test.id}"
77+
78+
s3_origin_config {
79+
origin_access_identity = "${aws_cloudfront_origin_access_identity.test.cloudfront_access_identity_path}"
80+
}
5681
}
5782

5883
enabled = true

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /