terraform s3 backend for wasabi

Hi,

 I'm trying to use wasabi for a terraform backend. No matter what I do, I get a 403 even though I can use the exact same access key id and secret with the aws cli without issue.

aws cli works (bucket name filtered out with grep):

✗ aws s3 ls --endpoint-url=https://s3.wasabisys.com | grep terraform | awk '{print $1 $2}'
2023-08-1017:51:45


Has anyone configured a s3 backend for wasabi in terraform?

I've set up a policy that should provide all the access terraform needs:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
      "AWS": "arn:aws:iam::<USER_ID>:user/<USER_NAME>"
      },
      "Action": "s3:ListBucket",
    "Resource": ""arn:aws:s3:::<BUCKET_NAME>/terraform.tfstate"
    },
    {
      "Effect": "Allow",
      "Principal": {
      "AWS": "arn:aws:iam::<USER_ID>:user/<USER_NAME>"
      },
      "Action": [
        "s3:GetObject",
        "s3:PutObject",
        "s3:DeleteObject"
      ],
    "Resource": "arn:aws:s3:::<BUCKET_NAME>/terraform.tfstate"
    }
  ]
}



My backend (I've also tried exporting AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY):

backend "s3" {
bucket = "<bucket_name>"
key = "staging/terraform.tfstate"
endpoint = "s3.wasabisys.com"
region = "us-east-1"
profile = "default"
skip_credentials_validation = true
skip_region_validation = true
skip_metadata_api_check = true
}

 

0

Comments

1 comment

Please sign in to leave a comment.

Didn't find what you were looking for?

New post