Shows how to use AWS with Terraform to accomplish the following tasks:
- How to securely deploy an AWS-S3 bucket with Terraform
Once the account B deployment is complete, you must copy the lambda_execution_role.arn output:
- arn:aws:iam::account-b-id:role/lambda_execution_role - copy this ARN and paste it into the secure_bucket_policy
You must have Terraform installed (see the How to install Terraform guide).
- As an AWS best practice, grant this code least privilege, or only the permissions required to perform a task. For more information, see Grant Least Privilege in the AWS Identity and Access Management User Guide.
- This code has been tested in the us-west-1 AWS Region only. However, it should work in any other region.
- Running this code might result in charges to your AWS account.
It will deploy to the account set up for the AWS CLI under the profile called 'default', or under the 'profile' you set.
clone this repo
cd secure-s3-deployment
terraform init
terraform validate
terraform plan
terraform apply --auto-approve
terraform destroy --auto-approve
- Clone this repo.
- cd to the directory secure-s3-deployment.
- Use the terraform init command to prepare your working directory for other commands.
- The terraform validate command checks whether the configuration is valid.
- The terraform plan command shows the changes required by the current configuration.
- terraform apply creates or updates infrastructure.
- Alternate command: terraform apply -auto-approve
- terraform destroy destroys previously created infrastructure.
- Alternate command: terraform destroy -auto-approve
- terraform fmt reformats your configuration in the standard style.
- Update the unique bucket name in the variable.tf file:
bucket_name = "unique-backet-name"
target_bucket = "unique-backet-name"
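
One way the copied lambda_execution_role ARN and the bucket name could be wired into secure_bucket_policy, shown as an added example and not this repository's own code. The variable name lambda_execution_role_arn, the statement ID and the s3:GetObject action are assumptions; the validation block rejects the unedited account-b-id placeholder and any wildcard principal at plan time.

```hcl
# Added example. Names not shown in the README are assumptions.

variable "lambda_execution_role_arn" {
  description = "ARN of lambda_execution_role, copied from the account B output"
  type        = string

  validation {
    # The account ID must be 12 digits, so the literal placeholder
    # "account-b-id" and values such as "*" fail before anything is deployed.
    condition = can(regex(
      "^arn:aws:iam::[0-9]{12}:role/lambda_execution_role$",
      var.lambda_execution_role_arn
    ))
    error_message = "Expected arn:aws:iam::<12-digit account ID>:role/lambda_execution_role."
  }
}

variable "bucket_name" {
  description = "Globally unique bucket name (set in variable.tf)"
  type        = string
}

data "aws_iam_policy_document" "secure_bucket_policy" {
  statement {
    sid       = "AllowAccountBLambdaRead" # assumed statement ID
    effect    = "Allow"
    actions   = ["s3:GetObject"] # assumed: grant only what the Lambda needs
    resources = ["arn:aws:s3:::${var.bucket_name}/*"]

    # Only the single role from account B is trusted, never the whole
    # account and never "*".
    principals {
      type        = "AWS"
      identifiers = [var.lambda_execution_role_arn]
    }
  }
}

resource "aws_s3_bucket_policy" "secure_bucket_policy" {
  bucket = var.bucket_name
  policy = data.aws_iam_policy_document.secure_bucket_policy.json
}
```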