Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

provider/aws: Add iam_arn to aws_cloudfront_origin_access_identity #6955

Merged
merged 1 commit into from
Jun 1, 2016
Merged

provider/aws: Add iam_arn to aws_cloudfront_origin_access_identity #6955

merged 1 commit into from
Jun 1, 2016

Conversation

vancluever
Copy link
Contributor

I've noticed that when S3 normalizes a bucket policy it takes the CanonicalUser principal and converts it to an AWS one, with an ARN like:

arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ABCD123456

This of course causes more of the spurious diffs that we all know and love ;)

So, I've added the iam_arn to the aws_cloudfront_origin_access_identity resource and included some notes in the docs.

provider/aws: Add iam_arn to aws_cloudfront_origin_access_identity
65824c7 
Add the iam_arn attribute to aws_cloudfront_origin_access_identity,
which computes the IAM ARN for a certain CloudFront origin access
identity.

This is necessary because S3 modifies the bucket policy if CanonicalUser
is sent, causing spurious diffs with aws_s3_bucket resources.
@vancluever vancluever force-pushed the paybyphone_cloudfront_origin_access_identity_arn branch from f2695f7 to 65824c7 Compare May 31, 2016 20:56
@vancluever vancluever mentioned this pull request May 31, 2016
Closed
@catsby
Copy link
Contributor

catsby commented Jun 1, 2016

Thanks!

@catsby catsby merged commit d723e1c into hashicorp:master Jun 1, 2016
@vancluever
Copy link
Contributor Author

Thanks @catsby!

@xenoterracide
Copy link

reading this commit, I thought this would work... http://serverfault.com/q/837851/6852

@ghost
Copy link

ghost commented Apr 15, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 15, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@vancluever @catsby @xenoterracide