How can we specify Edit routing status for S3 multi region access point to make buckets active/passive

I am able to create an S3 multi region access point (MRAP) for two S3 buckets (us-east-1 & us-west-2 regions) using the Terraform resource "aws_s3control_multi_region_access_point", and it is creating a failover configuration with routing status active/active. Is there any way we can specify the routing status from Terraform so we can define one bucket as active and the other as passive?


I am looking for a way to do this also within terraform. I can only find this resource so far:

resource "null_resource" "set_my_mrap_active_passive" {
  provisioner "local-exec" {
    command = "aws s3control submit-multi-region-access-point-routes --region us-east-1 --account-id ${data.aws_caller_identity.current.account_id} --mrap ${aws_s3control_multi_region_access_point.my_mrap.0.arn} --route-updates Bucket=${data.aws_s3_bucket.my_s3bucket_east.id},TrafficDialPercentage=100 Bucket=${data.aws_s3_bucket.my_s3bucket_west.id},TrafficDialPercentage=0"
  }
  depends_on = [aws_s3control_multi_region_access_point.my_mrap]
}

Thank you Eric.

I am seeing this error while deploying using Jenkins: An error occurred (AccessDenied) when calling the SubmitMultiRegionAccessPointRoutes operation: Access Denied

The Jenkins user role has its policy set to "s3:*".
Where do we assign the role for this resource to resolve the error?

Does your Jenkins agent have permission to access the AWS CLI?

In case it helps somebody, I had to specify the profile parameter in the AWS CLI:

command = "aws --profile {myprofile} s3control submit-multi-region-access-point-routes --region us-east-1 --account-id ${data.aws_caller_identity.current.account_id} --mrap ${aws_s3control_multi_region_access_point.my_mrap.0.arn} --route-updates Bucket=${data.aws_s3_bucket.my_s3bucket_east.id},TrafficDialPercentage=100 Bucket=${data.aws_s3_bucket.my_s3bucket_west.id},TrafficDialPercentage=0"
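The AccessDenied in this thread came from the CLI inside `local-exec` running under different credentials than the Terraform provider. As an added example (not code from any poster in this thread), the wrapper below logs which identity the CLI resolves to and refuses to submit routes if it belongs to the wrong account. The function names and the sample account ID, ARN and bucket names in the usage comment are constructed for illustration.

```shell
#!/bin/sh
# Added example: guard the MRAP route update with an identity check.
# The CLI honours AWS_PROFILE, so export it first if a named profile is needed.
# Usage (constructed values):
#   ./mrap_routes.sh 111122223333 arn:aws:s3::111122223333:accesspoint/example.mrap bucket-east bucket-west

# Print the caller ARN for the build log and fail unless it is in the expected account.
check_identity() {
  ci_expected="$1"
  ci_arn=$(aws sts get-caller-identity --query Arn --output text) || return 1
  # ARN layout: arn:partition:service:region:account-id:resource
  ci_account=$(printf '%s' "$ci_arn" | cut -d: -f5)
  echo "AWS CLI is running as: $ci_arn" >&2
  if [ "$ci_account" != "$ci_expected" ]; then
    echo "refusing: CLI account $ci_account, expected $ci_expected" >&2
    return 1
  fi
}

# Send 100% of traffic to the active bucket and 0% to the passive one.
set_active_passive() {
  sap_account="$1"; sap_mrap="$2"; sap_active="$3"; sap_passive="$4"
  check_identity "$sap_account" || return 1
  aws s3control submit-multi-region-access-point-routes \
    --region us-east-1 \
    --account-id "$sap_account" \
    --mrap "$sap_mrap" \
    --route-updates \
      "Bucket=$sap_active,TrafficDialPercentage=100" \
      "Bucket=$sap_passive,TrafficDialPercentage=0"
}

# Run only when called with the four arguments shown in the usage comment.
if [ "$#" -eq 4 ]; then
  set_active_passive "$@"
fi
```

Calling this script from the `local-exec` command puts the resolved role ARN in the Jenkins log, which shows immediately whether the agent's default credentials or the intended profile were used.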