You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
67 lines
1.4 KiB
HCL
67 lines
1.4 KiB
HCL
resource "aws_s3_bucket" "blog" {
|
|
bucket = "blog.ndumas.com"
|
|
force_destroy = true
|
|
}
|
|
|
|
|
|
resource "aws_s3_bucket_acl" "blog_acl" {
|
|
bucket = aws_s3_bucket.blog.id
|
|
acl = "public-read"
|
|
}
|
|
|
|
resource "aws_s3_bucket_website_configuration" "blog_site" {
|
|
bucket = aws_s3_bucket.blog.id
|
|
index_document {
|
|
suffix = "index.html"
|
|
}
|
|
}
|
|
|
|
resource "aws_s3_bucket_cors_configuration" "blog_cors" {
|
|
bucket = aws_s3_bucket.blog.id
|
|
cors_rule {
|
|
allowed_headers = ["*"]
|
|
allowed_methods = ["GET"]
|
|
allowed_origins = ["https://blog.ndumas.com", "http://blog.ndumas.com"]
|
|
max_age_seconds = 3000
|
|
}
|
|
}
|
|
|
|
resource "aws_iam_user" "blog_uploader" {
|
|
name = "blog-uploader"
|
|
}
|
|
|
|
resource "aws_iam_user_policy_attachment" "blog_uploader_policy_attach" {
|
|
user = aws_iam_user.blog_uploader.name
|
|
policy_arn = aws_iam_policy.blog_bucket_policy.arn
|
|
}
|
|
|
|
resource "aws_iam_policy" "blog_bucket_policy" {
|
|
name = "blog-bucket-policy"
|
|
path = "/"
|
|
description = "Allow "
|
|
|
|
policy = jsonencode({
|
|
"Version" : "2012-10-17",
|
|
"Statement" : [
|
|
{
|
|
"Sid" : "VisualEditor0",
|
|
"Effect" : "Allow",
|
|
"Action" : [
|
|
"s3:PutObject",
|
|
"s3:GetObject",
|
|
"s3:ListBucket",
|
|
"s3:DeleteObject"
|
|
],
|
|
"Resource" : [
|
|
"arn:aws:s3:::*/*",
|
|
"arn:aws:s3:::blog.ndumas.com"
|
|
]
|
|
}
|
|
]
|
|
})
|
|
}
|
|
|
|
resource "aws_iam_access_key" "blog_upload_key" {
|
|
user = aws_iam_user.blog_uploader.name
|
|
}
|