我正在尝试创建加密的S3存储桶。在执行terraform apply之后,一切看起来都不错,但是当我在AWS控制台中查看存储桶时,它没有被加密。我也知道previous问题。
这是我的Terraform版本:
Terraform v0.11.13
+ provider.aws v2.2.0
这是我的tf文件:
resource "aws_s3_bucket" "test-tf-enc" {
bucket = "test-tf-enc"
acl = "private"
tags {
Name = "test-tf-enc"
}
server_side_encryption_configuration {
rule {
apply_server_side_encryption_by_default {
sse_algorithm = "AES256"
}
}
}
}
这是我执行命令后的输出:
aws_s3_bucket.test-tf-enc: Creating...
acceleration_status: "" => "<computed>"
acl: "" => "private"
arn: "" => "<computed>"
bucket: "" => "test-tf-enc"
bucket_domain_name: "" => "<computed>"
bucket_regional_domain_name: "" => "<computed>"
force_destroy: "" => "false"
hosted_zone_id: "" => "<computed>"
region: "" => "<computed>"
request_payer: "" => "<computed>"
server_side_encryption_configuration.#: "" => "1"
server_side_encryption_configuration.0.rule.#: "" => "1"
server_side_encryption_configuration.0.rule.0.apply_server_side_encryption_by_default.#: "" => "1"
server_side_encryption_configuration.0.rule.0.apply_server_side_encryption_by_default.0.sse_algorithm: "" => "AES256"
tags.%: "" => "1"
tags.Name: "" => "test-tf-enc"
versioning.#: "" => "<computed>"
website_domain: "" => "<computed>"
website_endpoint: "" => "<computed>"
aws_s3_bucket.test-tf-enc: Still creating... (10s elapsed)
aws_s3_bucket.test-tf-enc: Creation complete after 10s (ID: test-tf-enc)
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
答案 0 :(得分:0)
按预期工作。
使用没有足够权限的其他用户来通过AWS管理控制台中的UI验证操作会造成混乱。只有在展开“加密”窗格后,用户界面中的权限不足消息才可见。
使用aws cli进行故障排除以减少问题的产生。