mirror of
https://github.com/opentffoundation/opentf.git
synced 2026-03-13 01:00:50 -04:00
a3ae38d1bb
* docs: update AWS examples. Disntinguish between alb and alb listener datasource * more hcl highlighting * more hcl * fix missing end quote in docs * docs: finish updates to AWS data source highlights Also updates layout to distinguish some resources
1.7 KiB
1.7 KiB
layout, page_title, sidebar_current, description
| layout | page_title | sidebar_current | description |
|---|---|---|---|
| aws | AWS: aws_redshift_service_account | docs-aws-datasource-redshift-service-account | Get AWS Redshift Service Account ID for storing audit data in S3. |
aws_redshift_service_account
Use this data source to get the Service Account ID of the AWS Redshift Account in a given region for the purpose of allowing Redshift to store audit data in S3.
Example Usage
data "aws_redshift_service_account" "main" {}
resource "aws_s3_bucket" "bucket" {
bucket = "tf-redshift-logging-test-bucket"
force_destroy = true
policy = <<EOF
{
"Version": "2008-10-17",
"Statement": [
{
"Sid": "Put bucket policy needed for audit logging",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam:${data.aws_redshift_service_account.main.id}:user/logs"
},
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket/*"
},
{
"Sid": "Get bucket policy needed for audit logging ",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam:${data.aws_redshift_service_account.main.id}:user/logs"
},
"Action": "s3:GetBucketAcl",
"Resource": "arn:aws:s3:::tf-redshift-logging-test-bucket"
}
]
}
EOF
}
Argument Reference
region- (Optional) Name of the Region whose Redshift account id is desired. If not specified, default's to the region from the AWS provider configuration.
Attributes Reference
id- The ID of the Redshift service Account in the selected region.