Resource: aws_s3control_object_lambda_access_point_policy

Provides a resource to manage an S3 Object Lambda Access Point resource policy.

Example Usage

resource "aws_s3_bucket" "example" {
  bucket = "example"
}

resource "aws_s3_access_point" "example" {
  bucket = aws_s3_bucket.example.id
  name   = "example"
}

resource "aws_s3control_object_lambda_access_point" "example" {
  name = "example"

  configuration {
    supporting_access_point = aws_s3_access_point.example.arn

    transformation_configuration {
      actions = ["GetObject"]

      content_transformation {
        aws_lambda {
          function_arn = aws_lambda_function.example.arn
        }
      }
    }
  }
}

resource "aws_s3control_object_lambda_access_point_policy" "example" {
  name = aws_s3control_object_lambda_access_point.example.name

  policy = jsonencode({
    Version = "2008-10-17"
    Statement = [{
      Effect = "Allow"
      Action = "s3-object-lambda:GetObject"
      Principal = {
        AWS = data.aws_caller_identity.current.account_id
      }
      Resource = aws_s3control_object_lambda_access_point.example.arn
    }]
  })
}

Argument Reference

This resource supports the following arguments:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import Object Lambda Access Point policies using the account_id and name, separated by a colon (:). For example:

import {
  to = aws_s3control_object_lambda_access_point_policy.example
  id = "123456789012:example"
}

Using terraform import, import Object Lambda Access Point policies using the account_id and name, separated by a colon (:). For example:

% terraform import aws_s3control_object_lambda_access_point_policy.example 123456789012:example