From 39e1d4aff09ad5d0ae5c2bf07b7f3b2f1f24b151 Mon Sep 17 00:00:00 2001
From: Anuj Sharma
Date: Thu, 25 Apr 2024 11:58:34 +0530
Subject: [PATCH] Create main.tf
---
 s3_terraform/main.tf | 49 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 s3_terraform/main.tf
diff --git a/s3_terraform/main.tf b/s3_terraform/main.tf
new file mode 100644
index 0000000..1f0b03b
--- /dev/null
+++ b/s3_terraform/main.tf
@@ -0,0 +1,49 @@
+# main.tf
+resource "aws_s3_bucket" "example" {
+ bucket = "my-tf-example-bucket"
+ tags = {
+ Name = "MyS3Bucket"
+ Environment = "Production"
+ }
+}
+resource "aws_s3_bucket_acl" "example" {
+ bucket = aws_s3_bucket.example.id
+ acl = "private"
+}
+resource "aws_s3_bucket" "log_bucket" {
+ bucket = "my-tf-log-bucket"
+ tags = {
+ Name = "MyLogBucket"
+ Environment = "Production"
+ }
+}
+resource "aws_s3_bucket_acl" "log_bucket_acl" {
+ bucket = aws_s3_bucket.log_bucket.id
+ acl = "log-delivery-write"
+}
+resource "aws_s3_bucket_logging" "example" {
+ bucket = aws_s3_bucket.example.id
+ target_bucket = aws_s3_bucket.log_bucket.id
+ target_prefix = "log/"
+}
+
+resource "aws_s3_bucket_policy" "allow_access_from_another_account" {
+ bucket = aws_s3_bucket.example.id
+ policy = data.aws_iam_policy_document.allow_access_from_another_account.json
+}
+data "aws_iam_policy_document" "allow_access_from_another_account" {
+ statement {
+ principals {
+ type = "AWS"
+ identifiers = ["123456789012"]
+ }
+ actions = [
+ "s3:GetObject",
+ "s3:ListBucket",
+ ]
+ resources = [
+ aws_s3_bucket.example.arn,
+ "${aws_s3_bucket.example.arn}/*",
+ ]
+ }
+}
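Review bot: The two `aws_s3_bucket_acl` resources (`acl = "private"` and `acl = "log-delivery-write"`) will fail on apply against buckets created with the current default object ownership (BucketOwnerEnforced, which disables ACLs), because neither bucket declares `aws_s3_bucket_ownership_controls`; either add that resource with `object_ownership = "BucketOwnerPreferred"` and make the ACL depend on it, or drop the ACLs and grant `logging.s3.amazonaws.com` on `log_bucket` through a bucket policy instead of the legacy log-delivery ACL. Neither bucket has an `aws_s3_bucket_public_access_block`, so a later ACL or policy change could expose them publicly, and neither declares server-side encryption or versioning, which is a gap for a bucket tagged `Environment = "Production"`. In `data.aws_iam_policy_document.allow_access_from_another_account` the principal is the whole account root `123456789012`, which delegates access to every identity in that account; scoping it to the specific role ARN that needs `s3:GetObject`/`s3:ListBucket` keeps the cross-account grant at least privilege. The sketch below shows the ownership-controls and public-access-block pair for `example`; the same pair belongs on `log_bucket`.
```terraform
resource "aws_s3_bucket_ownership_controls" "example" {
  bucket = aws_s3_bucket.example.id
  rule {
    object_ownership = "BucketOwnerPreferred"
  }
}

resource "aws_s3_bucket_public_access_block" "example" {
  bucket                  = aws_s3_bucket.example.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

resource "aws_s3_bucket_acl" "example" {
  depends_on = [aws_s3_bucket_ownership_controls.example]
  bucket     = aws_s3_bucket.example.id
  acl        = "private"
}
# … unchanged: log_bucket, log_bucket_acl, logging and cross-account policy resources …
```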