-
-
Notifications
You must be signed in to change notification settings - Fork 247
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error putting S3 policy: MalformedPolicy: Invalid principal in policy #50
Comments
I am having this issue too and I thought I was going crazy!!! |
`# module.computercompany_cdn_dev.aws_s3_bucket_policy.default will be created
I think its a problem with the labeler. this is in the tfstate
|
Its related to this hashicorp/terraform-provider-aws#10158 |
Created a PR that fixes this #51 |
This issue may not be relevant any more according to the last comment in PR #51 |
I'm having this issue trying this code. Still checking what could be wrong. Any help will be appreciated. Thanks in advance. Error
Code
|
I guess this is a blocker.
This module wouldn't work unless AWS fixes this issue or you start using canonical ID instead of CloudFront Origin Access Identity ID.
Recently AWS made a few changes to their origin access identity policy format. The S3 bucket policy is now rejecting principal with spaces in it.
"Principal": {
"AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EO3XXXXXXXX"
}
They now replaced it with
"Principal": {
"AWS": "arn:aws:iam::cloudfront:user/CloudFront_Origin_Access_Identity_EO3XXXXXXXX"
}
This module is still generating policy with spaces in its principal and hence the issue.
Can we change it to use canonical ID instead?
The text was updated successfully, but these errors were encountered: