Skip to content

Resource: awsMediaStoreContainerPolicy

Provides a MediaStore Container Policy.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsMediaStoreContainerExample =
  new aws.mediaStoreContainer.MediaStoreContainer(this, "example", {
    name: "example",
  });
const dataAwsCallerIdentityCurrent =
  new aws.dataAwsCallerIdentity.DataAwsCallerIdentity(this, "current", {});
const dataAwsRegionCurrent = new aws.dataAwsRegion.DataAwsRegion(
  this,
  "current_2",
  {}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
dataAwsRegionCurrent.overrideLogicalId("current");
const dataAwsIamPolicyDocumentExample =
  new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(this, "example_3", {
    statement: [
      {
        actions: ["mediastore:*"],
        condition: [
          {
            test: "Bool",
            values: ["true"],
            variable: "aws:SecureTransport",
          },
        ],
        effect: "Allow",
        principals: [
          {
            identifiers: [
              `arn:aws:iam::\${${dataAwsCallerIdentityCurrent.accountId}}:root`,
            ],
            type: "AWS",
          },
        ],
        resources: [
          `arn:aws:mediastore:\${${dataAwsRegionCurrent.name}}:\${${dataAwsCallerIdentityCurrent.accountId}}:container/\${${awsMediaStoreContainerExample.name}}/*`,
        ],
        sid: "MediaStoreFullAccess",
      },
    ],
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
dataAwsIamPolicyDocumentExample.overrideLogicalId("example");
const awsMediaStoreContainerPolicyExample =
  new aws.mediaStoreContainerPolicy.MediaStoreContainerPolicy(
    this,
    "example_4",
    {
      containerName: awsMediaStoreContainerExample.name,
      policy: dataAwsIamPolicyDocumentExample.json,
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsMediaStoreContainerPolicyExample.overrideLogicalId("example");

Argument Reference

The following arguments are supported:

  • containerName - (Required) The name of the container.
  • policy - (Required) The contents of the policy. For more information about building AWS IAM policy documents with Terraform, see the AWS IAM Policy Document Guide.

Attributes Reference

No additional attributes are exported.

Import

MediaStore Container Policy can be imported using the MediaStore Container Name, e.g.,

$ terraform import aws_media_store_container_policy.example example