ansible/test/integration/targets/aws_config/templates/config-s3-policy.json.j2

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "sns:Publish",
            "Resource": "{{ config_sns_topic.sns_arn }}",
            "Effect": "Allow",
            "Sid": "PublishToSNS"
        },
        {
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::{{ config_s3_bucket }}/*",
            "Effect": "Allow",
            "Sid": "AllowPutS3Object"
        },
        {
            "Action": "s3:GetBucketAcl",
            "Resource": "arn:aws:s3:::{{ config_s3_bucket }}",
            "Effect": "Allow",
            "Sid": "AllowGetS3Acl"
        }
    ]
}