wip: check functionality of policy

byu-oit · Apr 10, 2024 · aaa6a58 · aaa6a58
1 parent f1e0ba6
commit aaa6a58
Showing 1 changed file with 15 additions and 15 deletions.
diff --git a/iac/modules/app/content-bucket.tf b/iac/modules/app/content-bucket.tf
@@ -76,22 +76,22 @@ data "aws_iam_policy_document" "static_website" {
       type        = "AWS"
     }
 
-    #    condition {
-    #      test     = "StringLike"
-    #      values   = [random_string.cf_key.result]
-    #      variable = "aws:Referer"
-    #    }
-  }
-  statement {
-    sid       = "2"
-    actions   = ["s3:*"]
-    resources = ["${aws_s3_bucket.CdnContentBucket.arn}/*"]
-
-    principals {
-      identifiers = ["*"]
-      type        = "AWS"
-    }
+        condition {
+          test     = "StringLike"
+          values   = [random_string.cf_key.result]
+          variable = "aws:Referer"
+        }
   }
+#  statement {
+#    sid       = "2"
+#    actions   = ["s3:*"]
+#    resources = ["${aws_s3_bucket.CdnContentBucket.arn}/*"]
+#
+#    principals {
+#      identifiers = ["*"]
+#      type        = "AWS"
+#    }
+#  }
 }
 
 resource "aws_s3_bucket_public_access_block" "content_bucket" {