Brother, you helped me a lot! I understood everything and it worked perfectly! Thank you so much. I just needed to modify the line policy = data.aws_iam_policy_document.site_origin.json and add the .json at the end because it was expecting an String
Hey! Thanks for the tutorial, it was really helpful. But I'm confused because I thought OAC couldn't be used with an s3 static website? According to AWS it says "Before you create and set up origin access control (OAC), you must have a CloudFront distribution with an Amazon S3 bucket origin. This origin must be a regular S3 bucket, not a bucket configured as a website endpoint. " Also, could you advise the best way to put multiple files or all files in a folder inside a bucket? I couldn't find anything inside the terraform document that helps with it.
hello, glad you have enjoyed the tutorial. yes, OAC cannot be used if you setup S3 as a website endpoint. Ref: docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteEndpoints.html However, here we do not configure s3 itself as a website endpoint. Cloudfront is the one that is serving the content by grabbing files from the S3 rather than the user directly accessing s3 itself. Check out the reference link for the structure of website endpoint. I believe one way to do it would be by using fileset function along with for_each. Look into that :)
hi thanks for sharing! good video, for some reason in the aws_s3_bucket_policy I actually had to add .json to the end of the policy. how are you able to not use it and I have to use it? I was getting this error and it thought it was a string for some reason │ 299: policy = data.aws_iam_policy_document.site_origin │ ├──────────────── │ │ data.aws_iam_policy_document.site_origin is object with 7 attributes │ │ Inappropriate value for attribute "policy": string required resource "aws_s3_bucket_policy" "site_origin" { depends_on = [ aws_s3_bucket.site_origin ] bucket = aws_s3_bucket.site_origin.id policy = data.aws_iam_policy_document.site_origin.json # had to add .json here }
hmmm that is a good point, i must have a typo because .json is actually the proper way. i must've fixed the typo but did not record the fix. my apologies :) i will pay more attention in the next video and will add this into description
![Detective Control Part 1 - AWS Config [Terraform]](http://i.ytimg.com/vi/ItuDirjO1Ms/mqdefault.jpg)
![Detective Control Part 1 - AWS Config [Terraform]](/img/tr.png)
![Lp. Сердце Вселенной #60 РОЖДЕНИЕ ЛОЛОЛОШКИ [Финал] • Майнкрафт](http://i.ytimg.com/vi/YoR0pAV9FVQ/mqdefault.jpg)
Thanks a lot for this Valuable Content. Really Kick started me to start with terraform and successfully deployed the cf +s3 using terraform.
glad it helped :)
thanks, for the s3 bucket policy i need to update the extension to json, after all no error, thanks for the tutorial
glad it helped :)
Brother, you helped me a lot! I understood everything and it worked perfectly! Thank you so much.
I just needed to modify the line policy = data.aws_iam_policy_document.site_origin.json and add the .json at the end because it was expecting an String
glad to hear :) thank you for positive feedback
Thank You very much.
Glad you found it useful :)
Please zoom in a little so that your content is visible..it’s very difficult to watch the video this way
will do, thank you for the suggestion :)
What autocompletion extension are you using? Thanks.
ohmyzsh for zsh shell
Hey! Thanks for the tutorial, it was really helpful. But I'm confused because I thought OAC couldn't be used with an s3 static website? According to AWS it says "Before you create and set up origin access control (OAC), you must have a CloudFront distribution with an Amazon S3 bucket origin. This origin must be a regular S3 bucket, not a bucket configured as a website endpoint. "
Also, could you advise the best way to put multiple files or all files in a folder inside a bucket? I couldn't find anything inside the terraform document that helps with it.
hello, glad you have enjoyed the tutorial. yes, OAC cannot be used if you setup S3 as a website endpoint.
Ref: docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteEndpoints.html
However, here we do not configure s3 itself as a website endpoint. Cloudfront is the one that is serving the content by grabbing files from the S3 rather than the user directly accessing s3 itself. Check out the reference link for the structure of website endpoint.
I believe one way to do it would be by using fileset function along with for_each. Look into that :)
hey, what extensions are you using for terraform
Hashicorp Terraform
kindly share the code with me.
coming shortly :) will make into a module and upload to github. Will share the link here after
Source code? plz
For sure, github.com/openwalnut/terraform_modules/tree/main/aws_cf_s3_module
hi thanks for sharing! good video, for some reason in the aws_s3_bucket_policy I actually had to add .json to the end of the policy. how are you able to not use it and I have to use it?
I was getting this error and it thought it was a string for some reason
│ 299: policy = data.aws_iam_policy_document.site_origin
│ ├────────────────
│ │ data.aws_iam_policy_document.site_origin is object with 7 attributes
│
│ Inappropriate value for attribute "policy": string required
resource "aws_s3_bucket_policy" "site_origin" {
depends_on = [
aws_s3_bucket.site_origin
]
bucket = aws_s3_bucket.site_origin.id
policy = data.aws_iam_policy_document.site_origin.json # had to add .json here
}
hmmm that is a good point, i must have a typo because .json is actually the proper way. i must've fixed the typo but did not record the fix. my apologies :) i will pay more attention in the next video and will add this into description