From d3b455f1df576c9ae7be2035d990e89ef53c6e43 Mon Sep 17 00:00:00 2001
From: ashle001 <roy.d.ashley.jr@census.gov>
Date: Thu, 22 Oct 2020 10:10:14 -0400
Subject: [PATCH] sid and statement attributes

---
 main.tf | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/main.tf b/main.tf
index ef28fe9..1121787 100644
--- a/main.tf
+++ b/main.tf
@@ -130,13 +130,14 @@ data "aws_iam_policy_document" "this" {
     }
   }
   statement {
-      sid           = "IPAddressRestriction"
+      sid           = "RemoteAccessBucketRestrictions"
       effect        = "Deny"
       actions       = ["s3:*"]
       principals {
         type        = "AWS"
         identifiers = ["*"]
       }
+      resources = [aws_s3_bucket.this.arn, "${aws_s3_bucket.this.arn}/*"]
       dynamic "condition" {
         for_each = local.s3_bucket_conditions
         iterator = c