CodexBloom - Programming Q&A Platform

Terraform 1.4.1: AWS S3 Bucket Policy Not Applying Correctly for Cross-Account Access

👀 Views: 42 💬 Answers: 1 📅 Created: 2025-08-06
terraform aws s3 hcl

I can't seem to get I'm sure I'm missing something obvious here, but I'm building a feature where I'm performance testing and I'm learning this framework and I'm experiencing issues with setting up a cross-account access policy for an S3 bucket using Terraform 1.4.1. Despite applying the policy, the user from the other account receives a '403 Forbidden' behavior when attempting to access the bucket. Here's the relevant code snippet for the S3 bucket and its policy:

```hcl
resource "aws_s3_bucket" "my_bucket" {
  bucket = "my-unique-bucket-name"
}

resource "aws_s3_bucket_policy" "my_bucket_policy" {
  bucket = aws_s3_bucket.my_bucket.id
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        Principal = {
          AWS = "arn:aws:iam::123456789012:root"
        }
        Action   = "s3:GetObject"
        Resource = "${aws_s3_bucket.my_bucket.arn}/*"
      }
    ]
  })
}
```

I've confirmed that the AWS account ID (`123456789012`) is correct and that the user has not only been granted permission to access the bucket but is also using the correct IAM role. I also verified that there are no service control policies (SCPs) blocking access. I've tried applying the policy multiple times and even recreated the bucket and policy resources, but the scenario continues.

Additionally, when I run `terraform apply`, it indicates that the policy is applied successfully without errors, which makes diagnosing the question quite tricky. I've checked the bucket policy via the AWS console, and it seems to reflect what I've defined in Terraform.

Has anyone encountered a similar scenario, or does anyone have suggestions on how to troubleshoot this further? Any insights into what might be causing the '403 Forbidden' behavior would be greatly appreciated! Am I missing something obvious? My development environment is Windows 10. Any ideas what could be causing this? I'm developing on Windows 11 with Hcl. Thanks, I really appreciate it! I'm working in a CentOS environment.
This is for a CLI tool running on Windows 10. Any help would be greatly appreciated!
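One way to narrow down which requests the policy in the question actually covers, as an added example that is not part of the original post: a simplified Python matcher run over the same policy document. The caller ARN, role name and object key are constructed sample values, and the matcher ignores `Condition` and the `Not*` elements.

```python
from fnmatch import fnmatchcase

# Policy from the question, with the Terraform ARN interpolation resolved.
BUCKET_ARN = "arn:aws:s3:::my-unique-bucket-name"
POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::123456789012:root"},
        "Action": "s3:GetObject",
        "Resource": f"{BUCKET_ARN}/*",
    }],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _principal_matches(principal, caller_arn):
    """An account root ARN or bare account ID covers every caller in that account."""
    if principal == "*":
        return True
    account = caller_arn.split(":")[4]
    accepted = {"*", caller_arn, account, f"arn:aws:iam::{account}:root"}
    return any(p in accepted for p in _as_list(principal.get("AWS", [])))

def statement_matches(stmt, caller_arn, action, resource):
    """Simplified matcher: ignores Condition, NotAction, NotResource, NotPrincipal."""
    return (
        _principal_matches(stmt["Principal"], caller_arn)
        and any(fnmatchcase(action.lower(), a.lower()) for a in _as_list(stmt["Action"]))
        and any(fnmatchcase(resource, r) for r in _as_list(stmt["Resource"]))
    )

def bucket_policy_allows(policy, caller_arn, action, resource):
    """True if an Allow statement matches and no Deny statement does."""
    hits = [s["Effect"] for s in _as_list(policy["Statement"])
            if statement_matches(s, caller_arn, action, resource)]
    return "Allow" in hits and "Deny" not in hits

# Constructed sample caller: an assumed-role session in the trusted account.
CALLER = "arn:aws:sts::123456789012:assumed-role/app-role/session"

if __name__ == "__main__":
    for action, resource in [
        ("s3:GetObject", f"{BUCKET_ARN}/reports/a.csv"),
        ("s3:ListBucket", BUCKET_ARN),
        ("s3:PutObject", f"{BUCKET_ARN}/reports/a.csv"),
    ]:
        print(action, resource, bucket_policy_allows(POLICY, CALLER, action, resource))
```

A `True` result covers only the bucket-policy half: for a cross-account request the caller's own account must also allow the same action in an identity policy. Without `s3:ListBucket` on the bucket ARN, a GET for a key that does not exist returns 403 rather than 404.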