skip to Main Content

I am getting an error when try to implement this policy:

Error: "policy" contains an invalid JSON: invalid character ‘]’ looking for beginning of value

Could someone explain faced this issue on how to fix it?

policy = <<POLICY
{
    "Version": "2012-10-17",
    "Id": "Policy1704624583452",
    "Statement": [
        {
            "Sid": "Stmt1704622653819",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::jenkins-prj01-s3bucket/",
                "arn:aws:s3:::jenkins-prj01-s3bucket/*"
            ]
        },
        {
            "Sid": "PublicReadGetObject",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Effect": "Allow",
            "Resource": [
                "arn:aws:s3:::jenkins-prj01-s3bucket/",
                "arn:aws:s3:::jenkins-prj01-s3bucket/*"
            ]
        },
    ]
}
  depends_on = [aws_s3_bucket_public_access_block.override_default_setting]
}
POLICY
}

Expecting to get rid of this error and implement the policy on a S3 bucket.

2

Answers


  1. Chosen as BEST ANSWER
    #Create a s3 bucket policy
    resource "aws_s3_bucket_policy" "jenkins-prj1-cloudstore-policy" {
      bucket = aws_s3_bucket.jenkins-prj1-cloudstore.id
    
       policy = <<POLICY
    {
        "Version": "2012-10-17",
        "Id": "Policy1704624583452",
        "Statement": [
            {
                "Sid": "Stmt1704622653819",
                "Effect": "Allow",
                "Principal": "*",
                "Action": "s3:*",
                "Resource": [
                    "arn:aws:s3:::jenkins-prj01-s3bucket/",
                    "arn:aws:s3:::jenkins-prj01-s3bucket/*"
                ]
            },
            {
                "Sid": "PublicReadGetObject",
                "Action": "s3:GetObject",
                "Effect": "Allow",
                "Resource": [
                    "arn:aws:s3:::jenkins-prj01-s3bucket/",
                    "arn:aws:s3:::jenkins-prj01-s3bucket/*"
                ]
            }
        ]
    }
    POLICY
    depends_on = [aws_s3_bucket_public_access_block.override_default_setting]
    }
    

    i am getting below error now with above resource.

    │ Error: putting S3 Bucket (jenkins-prj01-s3bucket) Policy: operation error S3: PutBucketPolicy, https response error StatusCode: 400, RequestID: F5FDY6ABC5D3G4F5, HostID: NhyFijzzU5MIfFWDtiuN7hPGo5qCdQUI1PihUOlDUg2AuLrPXM/MlXjmnlASRPhmx6MsJABpsZw=, api error MalformedPolicy: Policy has invalid resource │ │ with aws_s3_bucket_policy.jenkins-prj1-cloudstore-policy, │ on Main.tf line 73, in resource "aws_s3_bucket_policy" "jenkins-prj1-cloudstore-policy": │ 73: resource "aws_s3_bucket_policy" "jenkins-prj1-cloudstore-policy" {


  2. Use a JSON validator if you’re having issues. Here is valid JSON to work with:

    {
        "Version": "2012-10-17",
        "Id": "Policy1704624583452",
        "Statement": [
            {
                "Sid": "Stmt1704622653819",
                "Effect": "Allow",
                "Principal": "*",
                "Action": "s3:*",
                "Resource": [
                    "arn:aws:s3:::jenkins-prj01-s3bucket/",
                    "arn:aws:s3:::jenkins-prj01-s3bucket/*"
                ]
            },
            {
                "Sid": "PublicReadGetObject",
                "Principal": "*",
                "Action": "s3:GetObject",
                "Effect": "Allow",
                "Resource": [
                    "arn:aws:s3:::jenkins-prj01-s3bucket/",
                    "arn:aws:s3:::jenkins-prj01-s3bucket/*"
                ]
            }
        ]
    }
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search