aws_s3_encryption_examples/s3-sse-c.tf at main · panilo/aws_s3_encryption_examples · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# Creating a bucket
resource "aws_s3_bucket" "sse-c-test" {
  bucket = "sse-c-test-webbame"
}

# Giving public access to the bucket
resource "aws_s3_bucket_policy" "sse-c-test-policy" {
  bucket = aws_s3_bucket.sse-c-test.id
  policy = templatefile("./bucket-public-access-policy.json", { bucket_arn = aws_s3_bucket.sse-c-test.arn })
}

# Disable the ACL on the bucket
resource "aws_s3_bucket_ownership_controls" "sse-c-ownership-controls" {
  bucket = aws_s3_bucket.sse-c-test.id

  rule {
    object_ownership = "BucketOwnerEnforced"
  }
}

# Upload an example object with the CLI specifying the SSE-C key to be used
resource "null_resource" "aws-cli-s3-cp" {
  provisioner "local-exec" {
    command     = "aws s3 cp example.txt s3://sse-c-test-webbame/example.txt --sse-c --sse-c-key 7D139D4BB99FC6B8AAD8CA952AD4D82F"
  }
}