terraform s3 backend for wasabi


 I'm trying to use wasabi for a terraform backend. No matter what I do, I get a 403 even though I can use the exact same access key id and secret with the aws cli without issue.

aws cli works (bucket name filtered out with grep):

✗ aws s3 ls --endpoint-url=https://s3.wasabisys.com | grep terraform | awk '{print $1 $2}'

Has anyone configured a s3 backend for wasabi in terraform?

I've set up a policy that should provide all the access terraform needs:

  "Version": "2012-10-17",
  "Statement": [
      "Effect": "Allow",
      "Principal": {
      "AWS": "arn:aws:iam::<USER_ID>:user/<USER_NAME>"
      "Action": "s3:ListBucket",
    "Resource": ""arn:aws:s3:::<BUCKET_NAME>/terraform.tfstate"
      "Effect": "Allow",
      "Principal": {
      "AWS": "arn:aws:iam::<USER_ID>:user/<USER_NAME>"
      "Action": [
    "Resource": "arn:aws:s3:::<BUCKET_NAME>/terraform.tfstate"

My backend (I've also tried exporting AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY):

backend "s3" {
bucket = "<bucket_name>"
key = "staging/terraform.tfstate"
endpoint = "s3.wasabisys.com"
region = "us-east-1"
profile = "default"
skip_credentials_validation = true
skip_region_validation = true
skip_metadata_api_check = true




1 comment

Please sign in to leave a comment.

Didn't find what you were looking for?

New post