Kotless S3Bucket permission annotation generates terraform incorrectly for the ListObjects operation.
ListObjects requires the s3:ListBucket permission to be applied to the s3 arn without a trailing "/". i.e. the arn needs to look like this arn:aws:s3:::my-bucket instead of arn:aws:s3:::my-bucket/
In other words, we need a new statement in the generated aws_iam_policy_document for Permission.Read or Permission.ReadWrite for the s3 bucket that looks something like this:
Kotless S3Bucket permission annotation generates terraform incorrectly for the ListObjects operation.
ListObjects requires the s3:ListBucket permission to be applied to the s3 arn without a trailing "/". i.e. the arn needs to look like this arn:aws:s3:::my-bucket instead of arn:aws:s3:::my-bucket/
In other words, we need a new statement in the generated aws_iam_policy_document for Permission.Read or Permission.ReadWrite for the s3 bucket that looks something like this:
statement { actions = ["s3:List*"] effect = "Allow" resources = ["arn:aws:s3:::my-bucket"] }