Hey folks, I'm trying to use StreamingFileSink with s3, using IAM roles for
auth. Does anyone know what permissions the role should have for the
specified s3 bucket to work properly? I've been getting some auth errors,
and I suspect I'm missing some permissions:
data "aws_iam_policy_document" "s3_policy_document" {
version = "2012-10-17"
statement {
actions = [
"s3:AbortMultipartUpload",
"s3:CreateBucket",
"s3:DeleteObject",
"s3:Get*",
"s3:List*",
"s3:PutBucketVersioning",
"s3:PutObject",
"s3:PutObjectTagging"
]
resources = [
"arn:aws:s3:::bucket-name",
"arn:aws:s3:::bucket-name/*"
]
}
}
Maybe the CreateBucket permission doesn't work for create buckets within
subbuckets?
Thanks,
Li
