Provide terraform for bucket creation

[ngachung]

Bucket policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "DelegateS3Access",
            "Effect": "Allow",
            "Principal": {
                "AWS": ""
            },
            "Action": [
                "s3:ListBucket",
                "s3:GetObject*",
                "s3:PutObject*"
            ],
            "Resource": [
                "arn:aws:s3:::sps-dev-ds-storage/*",
                "arn:aws:s3:::sps-dev-ds-storage"
            ]
        }
    ]
}

AWS account value will be available in SSM to be created by UCS

Documentation provided by UCS on how to add to marketplace is available at https://unity-sds.gitbook.io/docs/developer-docs/common-services/docs/users-guide/deployment/deployment-concepts-and-infrastructure/unity-marketplace

[wphyojpl]

Unable to test the following due to IAM restrictions

• adding Bucket Policy
• adding S3 Notification

[mike-gangl]

@wphyojpl what role are you using? @ngachung should have those permissions (tenant-operator)

[ngachung]

@mike-gangl We believe it's not due to permission issues but the policy itself was incorrect. We'll circle back to this in this sprint.

[wphyojpl]

Hi @mike-gangl I think it is resolved as @ngachung mentioned.. I intended to bundle it to another ticket, but did not do so at the end.

[GodwinShen]

@ngachung and @wphyojpl ping for status. It looks like the PR for #372 is awaiting review.

[wphyojpl]

@GodwinShen Yea. I just created a PR to UCS. I think I need someone to correct my metadata.json file.

https://github.com/unity-sds/unity-data-services/pull/372#issuecomment-2121171505

[GodwinShen]

@wphyojpl ping for status

[wphyojpl]

Hi @GodwinShen Updating the logic after discussion with UCS.