Add required DynamoDB IAM permissions for state locking to S3 backend docs
This commit is contained in:
parent
6c2b2515bd
commit
b6fbb42be6
|
@ -67,6 +67,34 @@ This is seen in the following AWS IAM Statement:
|
|||
}
|
||||
```
|
||||
|
||||
### DynamoDB Table Permissions
|
||||
|
||||
If you are using state locking, Terraform will need the following AWS IAM
|
||||
permissions on the DynamoDB table (`arn:aws:dynamodb:::table/mytable`):
|
||||
|
||||
* `dynamodb:GetItem`
|
||||
* `dynamodb:PutItem`
|
||||
* `dynamodb:DeleteItem`
|
||||
|
||||
This is seen in the following AWS IAM Statement:
|
||||
|
||||
```json
|
||||
{
|
||||
"Version": "2012-10-17",
|
||||
"Statement": [
|
||||
{
|
||||
"Effect": "Allow",
|
||||
"Action": [
|
||||
"dynamodb:GetItem",
|
||||
"dynamodb:PutItem",
|
||||
"dynamodb:DeleteItem"
|
||||
],
|
||||
"Resource": "arn:aws:dynamodb:*:*:table/mytable"
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
## Using the S3 remote state
|
||||
|
||||
To make use of the S3 remote state we can use the
|
||||
|
|
Loading…
Reference in New Issue