1
votes

I am trying to create an S3 bucket using Terraform. The following is my s3.tf file:

resource "aws_s3_bucket" "b" {
  bucket = "my-bucket"
  acl    = "private"
  force_destroy = "true"
  policy = ""
  region = "us-east-1"

  tags = {
    org = "xyz"
    Environment = "CI"
    project = "abc"
  }

  versioning {
    enabled = "true"
  }

  cors_rule {
    allowed_headers = ["*"]
    allowed_methods = ["PUT", "POST"]
    allowed_origins = ["https://s3-website-test.hashicorp.com"]
    expose_headers  = ["ETag"]
    max_age_seconds = 3000
  }



}

// S3 bucket-level Public Access Block configuration
resource "aws_s3_bucket_public_access_block" "b" {
  bucket = aws_s3_bucket.b.id

  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

Policy.tf file

resource "aws_s3_bucket_policy" "b" {
  bucket = aws_s3_bucket.b.id
  path = "/"
  description = "Policy for api to access S3 Bucket"

  policy = <<POLICY
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::my-bucket"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::my-bucket/*"
            ]
        }
    ]
}
POLICY
}

The terraform plan is throwing an unsupported argument error for policy in the s3.tf file and for path and description in the policy.tf file, and a "Computed attribute cannot be set" error for region. I could initialize these arguments in the previous versions of Terraform. Are they not supported now? If they are not supported now, is there a way to initialize these arguments in the s3.tf and policy.tf files?

Error messages:

Error: Unsupported argument

  on s3.tf line 6, in resource "aws_s3_bucket" "b":
   6:   bucket_policy = ""

An argument named "policy" is not expected here.

Error: Computed attribute cannot be set

  on s3.tf line 7, in resource "aws_s3_bucket" "b":
   7:   region = "us-east-1"

Error: Unsupported argument

  on policy.tf line 30, in resource "aws_s3_bucket_policy" "b":
  30:   path = "/"

An argument named "path" is not expected here.

Error: Unsupported argument

  on policy.tf line 31, in resource "aws_s3_bucket_policy" "b":
  31:   description = "Policy for api to access S3 Bucket"

An argument named "description" is not expected here.


1
"throwing unsupported argument error for region and policy in s3.tf " - please paste the exact error message - Grzegorz Oledzki
@GrzegorzOledzki I have added the error messages - merilstack

1 Answer

1
votes

(partial answer)

Region

I think the region argument is specified when you define a provider, not for each resource. This is how the AWS provider for Terraform works.

aws_s3_bucket_policy

Similarly for aws_s3_bucket_policy. The docs clearly indicate only two allowed arguments for this type of resource:

bucket - (Required) The name of the bucket to which to apply the policy.

policy - (Required) The text of the policy. For more information about building AWS IAM policy documents with Terraform, see the AWS IAM Policy Document Guide.
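
The two points in the answer above, as an added example that is not part of the original answer: region is set on the provider block, and aws_s3_bucket_policy carries only bucket and policy. The variable api_role_arn is a hypothetical placeholder for the identity the API runs as, and the policy is built with the aws_iam_policy_document data source; the example covers only the arguments named in the error messages.

```hcl
# Added example. var.api_role_arn is a hypothetical input, not from the question.
provider "aws" {
  region = "us-east-1" # set once here instead of on each bucket
}

variable "api_role_arn" {
  type        = string
  description = "ARN of the IAM role the API runs as (placeholder, supply your own)"
}

resource "aws_s3_bucket" "b" {
  bucket        = "my-bucket"
  force_destroy = true
  # no region argument and no empty policy argument on the bucket

  tags = {
    org         = "xyz"
    Environment = "CI"
    project     = "abc"
  }
}

# A bucket policy is resource-based, so each statement names a principal.
data "aws_iam_policy_document" "api" {
  statement {
    effect    = "Allow"
    actions   = ["s3:ListBucket"]
    resources = [aws_s3_bucket.b.arn]
    principals {
      type        = "AWS"
      identifiers = [var.api_role_arn]
    }
  }

  statement {
    effect    = "Allow"
    actions   = ["s3:*"] # same actions as the question; narrow these if the API needs less
    resources = ["${aws_s3_bucket.b.arn}/*"]
    principals {
      type        = "AWS"
      identifiers = [var.api_role_arn]
    }
  }
}

resource "aws_s3_bucket_policy" "b" {
  bucket = aws_s3_bucket.b.id # only bucket and policy are accepted here
  policy = data.aws_iam_policy_document.api.json
}
```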