Hi, Has anybody had success with creating an S3 B...
# aws
p
Hi, has anybody had success with creating an S3 Bucket policy? I keep getting 400 errors around malformed policy resources and statements.
```csharp
Bucket bucket = new("bucket", new()
{
    BucketName = $"{Deployment.Instance.ProjectName.ToLower()}-{Deployment.Instance.StackName.ToLower()}-static-website",
    Website = new BucketWebsiteArgs
    {
        IndexDocument = indexDocument,
        ErrorDocument = errorDocument,
    },
});

// Configure ownership controls for the new S3 bucket
BucketOwnershipControls ownershipControls = new("ownership-controls", new()
{
    Bucket = bucket.Id,
    Rule = new BucketOwnershipControlsRuleArgs
    {
        ObjectOwnership = "ObjectWriter",
    },
});

string bucketPolicyJson = @"
    {
        ""Version"": ""2012-10-17"",
        ""Statement"": [
            {
                ""Effect"": ""Allow"",
                ""Principal"": ""*"",
                ""Action"": ""s3:GetObject"",
                ""Resource"": ""arn:aws:s3:::my-bucket/*""
            }
        ]
    }";

// Create the bucket policy
var bucketPolicy = new BucketPolicy("my-bucket-policy", new BucketPolicyArgs
{
    Bucket = bucket.Id, // Associate the policy with the created bucket
    Policy = bucketPolicyJson // The JSON policy string defined above
});
```
```
error: 1 error occurred:
        * putting S3 Bucket (bucket-name) Policy: operation error S3: PutBucketPolicy, https response error StatusCode: 400, RequestID: HEDAWWX4J44ZMVTA, HostID: V9vNcDVQvmFBQ8BkPdi8iGcF2Nu53SR80w0Ov+VK+lScZCjjb+vrBNFmhIVbrO2eyeO8s6Z83QLkTZOSb7AHUw==, api error MalformedPolicy: Policy has invalid resource
```
w
Have you tried passing the policy through a different file, as it might be because of the double quotes? I usually manage a policy.json file, and in Python I use pulumi_std to import the policy file into the policy resource. That keeps it cleaner and avoids this kind of issue with quotes.
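
Added example, not written by either poster: S3 returns "Policy has invalid resource" when a `Resource` ARN in a bucket policy does not belong to the bucket the policy is attached to, and the policy in the question names `my-bucket` while the bucket is created under a project/stack-derived name. The sketch below builds the policy from the bucket's own ARN instead of a hardcoded string. Assumptions: the `index.html` / `error.html` document names are placeholders, and the bucket's Block Public Access settings already permit a public-read policy.

```csharp
using System.Collections.Generic;
using System.Text.Json;
using Pulumi;
using Pulumi.Aws.S3;
using Pulumi.Aws.S3.Inputs;

return await Deployment.RunAsync(() =>
{
    // Placeholder document names (assumption); the thread uses its own variables.
    Bucket bucket = new("bucket", new()
    {
        BucketName = $"{Deployment.Instance.ProjectName.ToLower()}-{Deployment.Instance.StackName.ToLower()}-static-website",
        Website = new BucketWebsiteArgs
        {
            IndexDocument = "index.html",
            ErrorDocument = "error.html",
        },
    });

    // Serialize the policy once the bucket ARN is known, so Resource always
    // names the bucket this policy is attached to and quoting is handled
    // by the JSON serializer rather than by hand.
    Output<string> policyJson = bucket.Arn.Apply(arn => JsonSerializer.Serialize(
        new Dictionary<string, object>
        {
            ["Version"] = "2012-10-17",
            ["Statement"] = new[]
            {
                new Dictionary<string, object>
                {
                    ["Effect"] = "Allow",
                    ["Principal"] = "*",
                    ["Action"] = "s3:GetObject",   // read-only, objects only
                    ["Resource"] = $"{arn}/*",     // objects in this bucket
                },
            },
        }));

    BucketPolicy bucketPolicy = new("bucket-policy", new()
    {
        Bucket = bucket.Id,
        Policy = policyJson,
    });
});
```

Keeping the statement to `s3:GetObject` on `{arn}/*` limits the public grant to reading objects; it gives no list or write access to the bucket itself.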