AWS S3 policy resoruce ordering

[karoldrazek]

When I'm assigning policy to AWS bucket using template file the ordering of resources or any elements on the list shouldn't matter.

After I assign example policy template:
{ "Id": "Policy1123123123", "Statement": [ { "Action": "s3:*", "Effect": "Allow", "Resource": [ "${s3_bucket}/*", "${s3_bucket}" ], "Condition": { "StringEquals": { "aws:sourceVpce": "${vpc_endpoint_address}" } }, "Principal": { "AWS": "${s3_user}" }, "Sid": "bucket_access" } ], "Version": "2012-10-17" }

it happens that AWS creates policy which has different resource order (not always!):
"Resource": [ "bucket_name", "bucket_name/*" ],

I think Terrafrom should ignore the ordering as this doesn't matter on AWS side.

[coen-hyde]

#4278 will fix this isssue

[stack72]

Hi @karoldrazek

This has been fixed by #8615 where we introduced a new library into the project that checks for the structural equality of the policy JSON. This means that we can detect when ordering is different and when a policy has been normalized by AWS to change a string to a single item array etc

This will be released as part of Terraform 0.7.3

Paul

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.