#cloudposse (2023-09)

<http://cloudposse.com/quizcloudposse.com/quiz>

Want to hire Cloud Posse? Take our quiz. <http://cloudposse.com/quizcloudposse.com/quiz>

2023-09-09

Muhammad Taqi avatar
Muhammad Taqi
07:57:22 PM

Hy folks, I’m trying to create a public s3 bucket, So objects can only be read-only by public and write access via keys. Below is my code. After bucket creation i can not access the objects via object url

module "s3_public_bucket" {
  source  = "cloudposse/s3-bucket/aws"
  version = "4.0.0"

  name = "${var.name}-${var.environment}-assets"

  s3_object_ownership = "BucketOwnerEnforced"
  acl                 = "public-read"
  enabled             = true
  user_enabled        = false
  versioning_enabled  = false

  ignore_public_acls           = false
  block_public_acls            = false
  block_public_policy          = false
  force_destroy                = true
  sse_algorithm                = "AES256"
  allow_encrypted_uploads_only = true
  allow_ssl_requests_only      = true

  cors_configuration = [
    {
      allowed_origins = ["*"]
      allowed_methods = ["GET", "HEAD", ]
      allowed_headers = ["*"]
      expose_headers  = []
      max_age_seconds = "3000"
    }
  ]

  allowed_bucket_actions = [
    "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListObjects", "s3:ListMultipartUploadParts", "s3:PutObject",
    "s3:PutObjectTagging", "s3:GetObject", "s3:GetObjectVersion", "s3:GetObjectTagging", "s3:AbortMultipartUpload",
    "s3:ReplicateObject", "s3:RestoreObject", "s3:BatchDelete", "s3:DeleteObject", "s3:DeleteObjectVersion",
    "s3:DeleteMultipleObjects", "s3:*"
  ]
  lifecycle_configuration_rules = []
}

What’s wrong here?

    keyboard_arrow_up