s3_website.tf

# --------------------------------------------------------------
# BUCKET FOR GUI WEBSITE
# ---------------------------------------------------------------
resource "aws_s3_bucket" "website_front" {

  bucket = "mm-${var.env}-${data.consul_keys.ck.var.project_name}-${var.install_name}-website"
  acl    = "${data.consul_keys.ck.var.bucket_acl}"
  region = "${data.consul_keys.ck.var.region}"

  website {
    index_document = "index.html"
  }

  tags {
    BillingBusinessApp = "${data.consul_keys.ck.var.billing_business_app}"
    Name               = "mm-${var.env}-${data.consul_keys.ck.var.project_name}-${var.install_name}-website"
    env                = "${var.env}"
    resource-name      = "${data.consul_keys.ck.var.project_name}"
  }

}

resource "aws_s3_bucket_policy" "bucket_policy_attach" {
  bucket = "${aws_s3_bucket.website_front.id}"
  policy = "${data.aws_iam_policy_document.bucket_policy.json}"
}

data "aws_iam_policy_document" "bucket_policy" {
  "statement" {
    sid = "AllowAccessToWebsiteBucket"
    effect = "Allow"
    actions = [
      "s3:GetObject"
    ]
    resources = [
      "${aws_s3_bucket.website_front.arn}/*",
      "${aws_s3_bucket.website_front.arn}"
    ]
    principals {
      type = "*"
      identifiers = ["*"]
    }
  }
}