I have a bucket which I need to restrict to a specific user, I have written the following script but it still seems to allow all users to operate on the bucket.
resource "aws_s3_bucket" "vulnerability-scans" { bucket = "vulnerability-scans"}resource "aws_s3_bucket_policy" "vulnerability-scans" { bucket = aws_s3_bucket.vulnerability-scans.id policy = data.aws_iam_policy_document.vulnerability-scans.json}data "aws_iam_policy_document" "vulnerability-scans" { statement { principals { type = "AWS" identifiers = [ aws_iam_user.circleci.arn, ] } actions = ["s3:PutObject","s3:GetObject","s3:ListBucket", ] resources = [ aws_s3_bucket.vulnerability-scans.arn,"${aws_s3_bucket.vulnerability-scans.arn}/*", ] }}