github.com/andresvia/terraform@v0.6.15-0.20160412045437-d51c75946785/examples/aws-s3-cross-account-access/main.tf (about)

     1  provider "aws" {
     2    alias = "prod"
     3  
     4    region = "us-east-1"
     5    access_key = "${var.prod_access_key}"
     6    secret_key = "${var.prod_secret_key}"
     7  }
     8  
     9  resource "aws_s3_bucket" "prod" {
    10    provider = "aws.prod"
    11  
    12    bucket = "${var.bucket_name}"
    13    acl = "private"
    14    policy = <<POLICY
    15  {
    16    "Version": "2012-10-17",
    17    "Statement": [
    18      {
    19        "Sid": "AllowTest",
    20        "Effect": "Allow",
    21        "Principal": {
    22          "AWS": "arn:aws:iam::${var.test_account_id}:root"
    23        },
    24        "Action": "s3:*",
    25        "Resource": "arn:aws:s3:::${var.bucket_name}/*"
    26      }
    27    ]
    28  }
    29  POLICY
    30  }
    31  
    32  resource "aws_s3_bucket_object" "prod" {
    33    provider = "aws.prod"
    34  
    35    bucket = "${aws_s3_bucket.prod.id}"
    36    key = "object-uploaded-via-prod-creds"
    37    source = "${path.module}/prod.txt"
    38  }
    39  
    40  provider "aws" {
    41    alias = "test"
    42  
    43    region = "us-east-1"
    44    access_key = "${var.test_access_key}"
    45    secret_key = "${var.test_secret_key}"
    46  }
    47  
    48  resource "aws_s3_bucket_object" "test" {
    49    provider = "aws.test"
    50  
    51    bucket = "${aws_s3_bucket.prod.id}"
    52    key = "object-uploaded-via-test-creds"
    53    source = "${path.module}/test.txt"
    54  }