Add required DynamoDB IAM permissions for state locking to S3 backend docs

This commit is contained in:
Andrew Haines 2018-04-04 09:35:31 +01:00
parent 6c2b2515bd
commit b6fbb42be6
No known key found for this signature in database
GPG Key ID: B16A6F178227A23E
1 changed files with 28 additions and 0 deletions

View File

@ -67,6 +67,34 @@ This is seen in the following AWS IAM Statement:
}
```
### DynamoDB Table Permissions
If you are using state locking, Terraform will need the following AWS IAM
permissions on the DynamoDB table (`arn:aws:dynamodb:::table/mytable`):
* `dynamodb:GetItem`
* `dynamodb:PutItem`
* `dynamodb:DeleteItem`
This is seen in the following AWS IAM Statement:
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:DeleteItem"
],
"Resource": "arn:aws:dynamodb:*:*:table/mytable"
}
]
}
```
## Using the S3 remote state
To make use of the S3 remote state we can use the