diff --git a/main.tf b/main.tf
index 208cf7e..8e53c57 100644
--- a/main.tf
+++ b/main.tf
@@ -86,6 +86,14 @@ data "aws_iam_policy_document" "this" {
   }
 }
 
+##########
+#   attach bucket policy
+##########
+resource "aws_s3_bucket_policy" "this" {
+  bucket = aws_s3_bucket.this.bucket
+  policy = data.aws_iam_policy_document.this.json
+}
+
 resource "null_resource" "s3_create_wait" {
   triggers = {
     bucket = aws_s3_bucket.this.id