Resource: awsMediaStoreContainerPolicy
Provides a MediaStore Container Policy.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsMediaStoreContainerExample =
new aws.mediaStoreContainer.MediaStoreContainer(this, "example", {
name: "example",
});
const dataAwsCallerIdentityCurrent =
new aws.dataAwsCallerIdentity.DataAwsCallerIdentity(this, "current", {});
const dataAwsRegionCurrent = new aws.dataAwsRegion.DataAwsRegion(
this,
"current_2",
{}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
dataAwsRegionCurrent.overrideLogicalId("current");
const dataAwsIamPolicyDocumentExample =
new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(this, "example_3", {
statement: [
{
actions: ["mediastore:*"],
condition: [
{
test: "Bool",
values: ["true"],
variable: "aws:SecureTransport",
},
],
effect: "Allow",
principals: [
{
identifiers: [
`arn:aws:iam::\${${dataAwsCallerIdentityCurrent.accountId}}:root`,
],
type: "AWS",
},
],
resources: [
`arn:aws:mediastore:\${${dataAwsRegionCurrent.name}}:\${${dataAwsCallerIdentityCurrent.accountId}}:container/\${${awsMediaStoreContainerExample.name}}/*`,
],
sid: "MediaStoreFullAccess",
},
],
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
dataAwsIamPolicyDocumentExample.overrideLogicalId("example");
const awsMediaStoreContainerPolicyExample =
new aws.mediaStoreContainerPolicy.MediaStoreContainerPolicy(
this,
"example_4",
{
containerName: awsMediaStoreContainerExample.name,
policy: dataAwsIamPolicyDocumentExample.json,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsMediaStoreContainerPolicyExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
containerName
- (Required) The name of the container.policy
- (Required) The contents of the policy. For more information about building AWS IAM policy documents with Terraform, see the AWS IAM Policy Document Guide.
Attributes Reference
No additional attributes are exported.
Import
MediaStore Container Policy can be imported using the MediaStore Container Name, e.g.,