
JousP/terraform-aws-s3-bucket-policy

terraform-aws-s3-bucket-policy

A Terraform module to help build policies for highly restricted S3 buckets.

This module creates:

  • a JSON-formatted string to be used to create an S3 bucket policy

This module can:

  • force uploaded data to be encrypted by checking the s3:x-amz-server-side-encryption condition key on s3:PutObject requests and rejecting any request where it is missing
  • explicitly deny all unauthorized users and roles at the bucket level, even if they have an IAM policy allowing them to perform actions in S3
  • explicitly deny all actions other than s3:list* and s3:Get* for readonly_users at the bucket level
  • explicitly deny all administration access for non-admin users
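
The first two restrictions above, written directly with the AWS provider's `aws_iam_policy_document` data source. This is an added example, not the module's own code or interface: the bucket ARN, the IDs, the local names and the choice of `aws:userId` as the matching key are assumptions.

```hcl
# Added example: all names, ARNs and IDs are constructed placeholders,
# not the module's own variables or outputs.
locals {
  bucket_arn  = "arn:aws:s3:::example-restricted-bucket"
  allowed_ids = [
    "AROAEXAMPLEROLEID:*", # unique ID of an allowed role, any session name
    "AIDAEXAMPLEUSERID",   # unique ID of an allowed IAM user
    "111122223333",        # account ID, which is the root user's aws:userId
  ]
}

data "aws_iam_policy_document" "restricted" {
  # Reject any PutObject that omits the x-amz-server-side-encryption header.
  statement {
    sid       = "DenyUnencryptedUploads"
    effect    = "Deny"
    actions   = ["s3:PutObject"]
    resources = ["${local.bucket_arn}/*"]
    principals {
      type        = "*"
      identifiers = ["*"]
    }
    condition {
      test     = "Null"
      variable = "s3:x-amz-server-side-encryption"
      values   = ["true"]
    }
  }

  # Explicit deny for every caller whose aws:userId is not in the list.
  # An explicit Deny wins over any Allow granted by an IAM policy.
  statement {
    sid       = "DenyUnlistedPrincipals"
    effect    = "Deny"
    actions   = ["s3:*"]
    resources = [local.bucket_arn, "${local.bucket_arn}/*"]
    principals {
      type        = "*"
      identifiers = ["*"]
    }
    condition {
      test     = "StringNotLike"
      variable = "aws:userId"
      values   = local.allowed_ids
    }
  }
}

output "policy_json" {
  value = data.aws_iam_policy_document.restricted.json
}
```

The `Null` condition also rejects uploads that rely on the bucket's default encryption without sending the header, so clients must set it explicitly. A wrong entry in `allowed_ids` locks that principal out of the bucket, so check the rendered JSON before attaching it.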
