From 12ac1d888f3274eda06c909a31f072089dd09b0f Mon Sep 17 00:00:00 2001
From: avendretter <jgog@gmx.de>
Date: Wed, 11 Aug 2021 05:36:50 +0200
Subject: [PATCH] fix privileged_principal_arns not creating bucket policy
 (#101)

* fix privileged_principal_arns not creating bucket policy

* Auto Format

Co-authored-by: julian <julan.gog.external@bitwala.com>
Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>
---
 main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/main.tf b/main.tf
index 71f9e994..f0a39124 100644
--- a/main.tf
+++ b/main.tf
@@ -364,7 +364,7 @@ data "aws_iam_policy_document" "aggregated_policy" {
 }
 
 resource "aws_s3_bucket_policy" "default" {
-  count      = local.enabled && (var.allow_ssl_requests_only || var.allow_encrypted_uploads_only || length(var.s3_replication_source_roles) > 0 || var.policy != "") ? 1 : 0
+  count      = local.enabled && (var.allow_ssl_requests_only || var.allow_encrypted_uploads_only || length(var.s3_replication_source_roles) > 0 || length(var.privileged_principal_arns) > 0 || var.policy != "") ? 1 : 0
   bucket     = join("", aws_s3_bucket.default.*.id)
   policy     = join("", data.aws_iam_policy_document.aggregated_policy.*.json)
   depends_on = [aws_s3_bucket_public_access_block.default]