我正在尝试创建加密的 S3 存储桶。执行 terraform apply 后,一切看起来都不错,但是当我查看 AWS 控制台中的存储桶时,它并未加密。我也知道 previous题。
这是我的 terraform 版本:
Terraform v0.11.13
+ provider.aws v2.2.0
这是我的 tf 文件:
resource "aws_s3_bucket" "test-tf-enc" {
bucket = "test-tf-enc"
acl = "private"
tags {
Name = "test-tf-enc"
}
server_side_encryption_configuration {
rule {
apply_server_side_encryption_by_default {
sse_algorithm = "AES256"
}
}
}
}
这是我执行命令后的输出:
aws_s3_bucket.test-tf-enc: Creating...
acceleration_status: "" => "<computed>"
acl: "" => "private"
arn: "" => "<computed>"
bucket: "" => "test-tf-enc"
bucket_domain_name: "" => "<computed>"
bucket_regional_domain_name: "" => "<computed>"
force_destroy: "" => "false"
hosted_zone_id: "" => "<computed>"
region: "" => "<computed>"
request_payer: "" => "<computed>"
server_side_encryption_configuration.#: "" => "1"
server_side_encryption_configuration.0.rule.#: "" => "1"
server_side_encryption_configuration.0.rule.0.apply_server_side_encryption_by_default.#: "" => "1"
server_side_encryption_configuration.0.rule.0.apply_server_side_encryption_by_default.0.sse_algorithm: "" => "AES256"
tags.%: "" => "1"
tags.Name: "" => "test-tf-enc"
versioning.#: "" => "<computed>"
website_domain: "" => "<computed>"
website_endpoint: "" => "<computed>"
aws_s3_bucket.test-tf-enc: Still creating... (10s elapsed)
aws_s3_bucket.test-tf-enc: Creation complete after 10s (ID: test-tf-enc)
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
最佳答案
按预期工作。
使用没有足够权限的不同用户通过 AWS 管理控制台中的 UI 验证操作会导致混淆。 UI 中的权限不足消息仅在展开加密 Pane 后可见。
使用 aws cli 进行故障排除以减少问题面。
关于amazon-web-services - 如何使用 Terraform 加密 S3 存储桶,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/55231709/