You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
resource"upcloud_managed_object_storage_policy""default" {
name="mybucket-write-only-policy"description="Policy to allow write-only access to the bucket mybucket"document=urlencode("{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"s3:PutObject\"],\"Resource\":\"arn:aws:s3:::mybucket/*\",\"Effect\":\"Allow\",\"Sid\":\"ObjectOperations\"}]}")
service_uuid=upcloud_managed_object_storage.default.id
}
BUT re-applying the same, will result with "must be replaced and errors":
# module.backups.upcloud_managed_object_storage_policy.default["mybucket"] must be replaced-/+resource"upcloud_managed_object_storage_policy""default" {
~ arn="urn:ecs:iam::128e91db94dd4ecba14f51e564128475:policy/mybucket-write-only-policy"-> (known after apply)
~ attachment_count=0-> (known after apply)
~ created_at="2024-06-11 08:41:10 +0000 UTC"-> (known after apply)
~ default_version_id="v1"-> (known after apply)
~ document="%7B%22Version%22%3A%222012-10-17%22%2C%22Statement%22%3A%5B%7B%22Action%22%3A%5B%22s3%3APutObject%22%5D%2C%22Resource%22%3A%22arn%3Aaws%3As3%3A%3A%3A3Amybucket%5C%2F*%22%2C%22Effect%22%3A%22Allow%22%2C%22Sid%22%3A%22ObjectOperations%22%7D%5D%7D"->"%7B%22Version%22%3A%222012-10-17%22%2C%22Statement%22%3A%5B%7B%22Action%22%3A%5B%22s3%3APutObject%22%5D%2C%22Resource%22%3A%22arn%3Aaws%3As3%3A%3A%3Amybucket%2F%2A%22%2C%22Effect%22%3A%22Allow%22%2C%22Sid%22%3A%22ObjectOperations%22%7D%5D%7D"# forces replacement
~ id="128e91db-94dd-4ecb-a14f-51e564128475/mybucket-write-only-policy"-> (known after apply)
name="mybucket-write-only-policy"
~ system=false-> (known after apply)
~ updated_at="2024-06-11 08:41:10 +0000 UTC"-> (known after apply)
# (2 unchanged attributes hidden)
}
So the encoded string does not match anymore near the /*:
%7B%22Version%22%3A%222012-10-17%22%2C%22Statement%22%3A%5B%7B%22Action%22%3A%5B%22s3%3APutObject%22%5D%2C%22Resource%22%3A%22arn%3Aaws%3As3%3A%3A%3A3Amybucket%5C%2F*%22%2C%22Effect%22%3A%22Allow%22%2C%22Sid%22%3A%22ObjectOperations%22%7D%5D%7D
vs
%7B%22Version%22%3A%222012-10-17%22%2C%22Statement%22%3A%5B%7B%22Action%22%3A%5B%22s3%3APutObject%22%5D%2C%22Resource%22%3A%22arn%3Aaws%3As3%3A%3A%3Amybucket%2F%2A%22%2C%22Effect%22%3A%22Allow%22%2C%22Sid%22%3A%22ObjectOperations%22%7D%5D%7D
The text was updated successfully, but these errors were encountered:
I have following which will apply fine:
It will create following policy:
BUT re-applying the same, will result with "must be replaced and errors":
So the encoded string does not match anymore near the
/*
:The text was updated successfully, but these errors were encountered: