Complete the code to create an AWS S3 bucket resource named 'my_bucket'.
resource "aws_s3_bucket" "my_bucket" { bucket = [1] acl = "private" }
The bucket name must be a unique string. Here, "my-unique-bucket-123" is a valid bucket name.
Complete the code to create an AWS IAM role that depends on the S3 bucket resource.
resource "aws_iam_role" "my_role" { name = "my_role" assume_role_policy = jsonencode({ "Version": "2012-10-17", "Statement": [{ "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": [1] } }] }) }
The IAM role is assumed by EC2 instances, so the service principal is "ec2.amazonaws.com".
Fix the error in the code to create an AWS S3 bucket policy that depends on the bucket resource.
resource "aws_s3_bucket_policy" "bucket_policy" { bucket = aws_s3_bucket.my_bucket.[1] policy = jsonencode({ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": "*", "Action": ["s3:GetObject"], "Resource": ["arn:aws:s3:::${aws_s3_bucket.my_bucket.bucket}/*"] }] }) }
The bucket attribute to reference the bucket name is "bucket".
Fill both blanks to create an AWS EC2 instance that implicitly depends on the IAM role and uses the role's ARN.
resource "aws_instance" "web" { ami = "ami-12345678" instance_type = "t2.micro" iam_instance_profile = aws_iam_role.my_role.[1] tags = { Name = [2] } }
The EC2 instance profile expects the IAM role id, and the tag Name is set to "WebServer".
Fill all three blanks to create a security group with ingress rules that depend on the VPC and allow HTTP traffic.
resource "aws_security_group" "web_sg" { name = [1] description = "Allow HTTP traffic" vpc_id = aws_vpc.main.[2] ingress { from_port = 80 to_port = 80 protocol = [3] cidr_blocks = ["0.0.0.0/0"] } }
The security group name is "web_sg", the VPC id is referenced by aws_vpc.main.id, and the protocol for HTTP is "tcp".