
This assumes you have set up Terraform with the Amazon Web Services (AWS) provider. If not, check out my article Amazon Web Services (AWS) Getting Started with Terraform.
An S3 Bucket is similar to an NFS share in that it is a mountable storage volume.
By default, an S3 Bucket is created with Access Control Lists (ACLs) disabled and S3 Bucket ownership set to Bucket Owner Enforced. The aws_s3_bucket_ownership_controls resource can be used to set the S3 Bucket ownership to:
- BucketOwnerEnforced
- BucketOwnerPreferred - Objects added to the Bucket will be owned by the Bucket owner
- ObjectWriter - Objects added to the Bucket will be owned by the user that added the object to the Bucket
Let's say you have the following files on your Terraform server.
├── required_providers.tf
├── s3_buckets (directory)
│   ├── buckets.tf
│   ├── provider.tf
required_providers.tf will almost always have this.
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}
Let's say provider.tf in the s3_buckets directory has the following. In this example, the "default" profile in /home/username/.aws/config and /home/username/.aws/credentials is being used. This assumes you have set up Terraform as described in Amazon Web Services (AWS) - Getting Started with Terraform.
provider "aws" {
  alias   = "default"
  profile = "default"
  # region must be a real AWS region name; "default" is not one
  region  = "us-east-1"
}
And buckets.tf could have the following. By default, S3 Buckets are created in the us-east-1 (N. Virginia) region. In this example, an S3 Bucket named my-bucket-kdjmnzkdjemz will be created and set to BucketOwnerPreferred.
# The bucket itself
resource "aws_s3_bucket" "my_bucket_kdjmnzkdjemz" {
  bucket = "my-bucket-kdjmnzkdjemz"
  tags = {
    Name        = "my_bucket_kdjmnzkdjemz"
    Environment = "staging"
  }
}

# Object ownership setting for the bucket above
resource "aws_s3_bucket_ownership_controls" "bucket_ownership" {
  bucket = aws_s3_bucket.my_bucket_kdjmnzkdjemz.id
  rule {
    object_ownership = "BucketOwnerPreferred"
  }
}
You may need to issue or reissue the terraform init command.
terraform init
The terraform plan command can be used to see what Terraform will try to do.
terraform plan
And the terraform apply command can be used to create the S3 Bucket and set the S3 Bucket Ownership.
terraform apply
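BucketOwnerPreferred and ObjectWriter both leave ACLs enabled on the bucket, so it is worth checking the applied state for them. The following is an added example, not part of the original article: it parses `terraform show -json` output and reports each bucket's object_ownership. The sample state is constructed and trimmed to the fields the check reads, and the second bucket and its module name are hypothetical.

```python
import json

# Constructed sample: trimmed `terraform show -json` output after applying the
# buckets.tf above, plus a hypothetical second bucket with no ownership resource.
SAMPLE_STATE = json.loads("""
{"values": {"root_module": {
  "resources": [
    {"address": "aws_s3_bucket.my_bucket_kdjmnzkdjemz", "type": "aws_s3_bucket",
     "values": {"bucket": "my-bucket-kdjmnzkdjemz"}},
    {"address": "aws_s3_bucket_ownership_controls.bucket_ownership",
     "type": "aws_s3_bucket_ownership_controls",
     "values": {"bucket": "my-bucket-kdjmnzkdjemz",
                "rule": [{"object_ownership": "BucketOwnerPreferred"}]}}],
  "child_modules": [{"resources": [
    {"address": "module.logs.aws_s3_bucket.logs", "type": "aws_s3_bucket",
     "values": {"bucket": "constructed-logs-bucket"}}]}]}}}
""")

# Settings that leave ACLs enabled on the bucket.
ACL_ENABLED = {"BucketOwnerPreferred", "ObjectWriter"}


def iter_resources(module):
    """Yield the resources of a module and of all its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def audit_object_ownership(state):
    """Map each bucket name to its object_ownership, or None when no
    aws_s3_bucket_ownership_controls resource targets it."""
    root = state.get("values", {}).get("root_module", {})
    buckets, ownership = [], {}
    for res in iter_resources(root):
        vals = res.get("values", {})
        if res.get("type") == "aws_s3_bucket":
            buckets.append(vals.get("bucket"))
        elif res.get("type") == "aws_s3_bucket_ownership_controls":
            rules = vals.get("rule") or [{}]
            ownership[vals.get("bucket")] = rules[0].get("object_ownership")
    return {name: ownership.get(name) for name in buckets}


def acl_enabled_buckets(state):
    """Return the sorted names of buckets whose setting leaves ACLs enabled."""
    found = audit_object_ownership(state)
    return sorted(n for n, setting in found.items() if setting in ACL_ENABLED)


if __name__ == "__main__":
    print(audit_object_ownership(SAMPLE_STATE))
    print(acl_enabled_buckets(SAMPLE_STATE))
```

A bucket that maps to None has no ownership controls resource in the state, so it keeps the default described at the top of this article.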