website: Clarify that example S3 policy is for an IAM entity (#20791)

This commit is contained in:
Nick Fagerlund 2019-03-22 12:10:35 -07:00 committed by GitHub
parent 2e15f6f585
commit c06674bac7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions

View File

@ -67,6 +67,13 @@ This is seen in the following AWS IAM Statement:
}
```
-> **Note:** AWS can control access to S3 buckets with either IAM policies
attached to users/groups/roles (like the example above) or resource policies
attached to bucket objects (which look similar but also require a `Principal` to
indicate which entity has those permissions). For more details, see Amazon's
documentation about
[S3 access control](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
### DynamoDB Table Permissions
If you are using state locking, Terraform will need the following AWS IAM