github.com/ves/terraform@v0.8.0-beta2/website/source/docs/providers/aws/d/redshift_service_account.html.markdown (about) 1 --- 2 layout: "aws" 3 page_title: "AWS: aws_redshift_service_account" 4 sidebar_current: "docs-aws-datasource-redshift-service-account" 5 description: |- 6 Get AWS Redshift Service Account ID for storing audit data in S3. 7 --- 8 9 # aws\_redshift\_service\_account 10 11 Use this data source to get the Service Account ID of the [AWS Redshift Account](http://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-enable-logging) 12 in a given region for the purpose of allowing Redshift to store audit data in S3. 13 14 ## Example Usage 15 16 ``` 17 data "aws_redshift_service_account" "main" { } 18 19 resource "aws_s3_bucket" "bucket" { 20 bucket = "tf-redshift-logging-test-bucket" 21 force_destroy = true 22 policy = <<EOF 23 { 24 "Version": "2008-10-17", 25 "Statement": [ 26 { 27 "Sid": "Put bucket policy needed for audit logging", 28 "Effect": "Allow", 29 "Principal": { 30 "AWS": "arn:aws:iam:${data.aws_redshift_service_account.main.id}:user/logs" 31 }, 32 "Action": "s3:PutObject", 33 "Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket/*" 34 }, 35 { 36 "Sid": "Get bucket policy needed for audit logging ", 37 "Effect": "Allow", 38 "Principal": { 39 "AWS": "arn:aws:iam:${data.aws_redshift_service_account.main.id}:user/logs" 40 }, 41 "Action": "s3:GetBucketAcl", 42 "Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket" 43 } 44 ] 45 } 46 EOF 47 } 48 ``` 49 50 ## Argument Reference 51 52 * `region` - (Optional) Name of the Region whose Redshift account id is desired. If not specified, default's to the region from the AWS provider configuration. 53 54 55 ## Attributes Reference 56 57 * `id` - The ID of the Redshift service Account in the selected region.