How do I expose an s3 bucket created with the private-s3-bucket module publicly?
We are trying to expose specific directories (prefixes) in our S3 bucket publicly, however, adding a new policy seems to be not allowed. ``` bucket_policy_statements = { AllowPublicReadAccess = { actions = ["s3:GetObject"] effect = "Allow" keys = ["/public/*"] principals = { AWS = ["*"] } } } ``` The above will just throw `Error: Error putting S3 policy: AccessDenied: Access Denied` Another option that we are trying to do is to make a separate S3 bucket and make it public but there seems to be no options/variables that we can set for this.
This is by design. The `private-s3-bucket` module is for constructing an S3 bucket that is privately accessible, and implements the `aws_s3_bucket_public_access_block` which will prevent any s3 bucket policy that grants public access. We currently do not have a module for managing a publicly accessible s3 bucket, primarily because the module devolves to the `aws_s3_bucket` resource. We recommend creating a customized Terraform module for the kind of s3 bucket you want to create that calls the `aws_s3_bucket` resource directly and call that Terraform module from Terragrunt.