Closed nce closed 1 year ago
We want to sync our terraform state to one bucket in s3.
The bucket needs to be created by hand, along side the policy for our user (#3).
aws s3 mb s3://ops-k8s-bootstrap-tfstate echo > policy.json <<EOF { "Id": "Policy1666800308880", "Version": "2012-10-17", "Statement": [ { "Sid": "Stmt1666800306128", "Action": [ "s3:GetObject", "s3:ListBucket", "s3:PutBucketVersioning", "s3:PutEncryptionConfiguration", "s3:PutObject", "s3:GetBucketVersioning", "s3:GetEncryptionConfiguration", "s3:GetBucketPublicAccessBlock", "s3:PutBucketPublicAccessBlock" ], "Effect": "Allow", "Resource": [ "arn:aws:s3:::ops-k8s-bootstrap-tfstate", "arn:aws:s3:::ops-k8s-bootstrap-tfstate/*" ], "Principal": { "AWS": [ "arn:aws:iam::571075516563:user/ops-github-kaas" ] } } ] } EOF aws s3api put-bucket-policy --bucket ops-k8s-bootstrap-tfstate --policy file://policy.json
Pay attention to the name of the cluster AND the arn of the user
arn
This was reworked and is now included in the init.tf file https://github.com/adorsys/ops-k8s-bootstrap/blob/5b0d51be59ac1df91d2ba929404ba950eb289d60/init.tf
We want to sync our terraform state to one bucket in s3.
The bucket needs to be created by hand, along side the policy for our user (#3).
Creation of the bucket by cli
Pay attention to the name of the cluster AND the
arn
of the user