aws_s3_policy_doc_create can only handle one statement within the policy doc it creates. However, more than one statement can be in a policy doc.
In our policies file, aws_policy_document_create fxn does support >1 statement by passing in >1 instance of aws_policy_statement.
The reason for the existence of aws_s3_policy_doc_create is that policies for buckets are pretty different b/c buckets are globally unique , such that AWS figures out the region and account ID for you, so the user of sixtyfour doesn't need to pass those in
The question is: should aws_s3_policy_doc_create support > 1 statement?
aws_s3_policy_doc_create
can only handle one statement within the policy doc it creates. However, more than one statement can be in a policy doc.In our policies file,
aws_policy_document_create
fxn does support >1 statement by passing in >1 instance ofaws_policy_statement
.The reason for the existence of
aws_s3_policy_doc_create
is that policies for buckets are pretty different b/c buckets are globally unique , such that AWS figures out the region and account ID for you, so the user of sixtyfour doesn't need to pass those inThe question is: should
aws_s3_policy_doc_create
support > 1 statement?