Allow creating a policy for an existing S3 bucket (#154)

cloudposse · Apr 26, 2021 · f6c3ce2 · f6c3ce2
1 parent d378e4b
commit f6c3ce2
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/main.tf b/main.tf
@@ -87,8 +87,11 @@ data "aws_iam_policy_document" "origin_website" {
 }
 
 resource "aws_s3_bucket_policy" "default" {
-  count  = (module.this.enabled && (! local.using_existing_origin || var.override_origin_bucket_policy)) ? 1 : 0
-  bucket = join("", aws_s3_bucket.origin.*.bucket)
+  count = (module.this.enabled && (! local.using_existing_origin || var.override_origin_bucket_policy)) ? 1 : 0
+  bucket = join("", local.using_existing_origin
+    ? data.aws_s3_bucket.selected.*.bucket # Existing origin S3 bucket
+    : aws_s3_bucket.origin.*.bucket        # Origin S3 bucket this module manages
+  )
   policy = local.iam_policy_document
 }