search

aws-cloudformation / cloudformation-coverage-roadmap

The AWS CloudFormation Public Coverage Roadmap
https://aws.amazon.com/cloudformation/
Creative Commons Attribution Share Alike 4.0 International
1.1k stars 53 forks source link

[AWS::S3::Bucket] Enabling ObjectLock on an existing bucket is now supported #1929

Open blimmer opened 5 months ago

blimmer commented 5 months ago

Name of the resource

AWS::S3::Bucket

Resource name

No response

Description

According to https://aws.amazon.com/about-aws/whats-new/2023/11/amazon-s3-enabling-object-lock-buckets/ , you can now enable Object Lock on an existing bucket.

However, the CloudFormation change set indicates that it requires replacement:

[
  {
    "type": "Resource",
    "resourceChange": {
      "action": "Modify",
      "logicalResourceId": "Bucket83908E77",
      "physicalResourceId": "foostack-bucket83908e77-x5oftmkjofzs",
      "resourceType": "AWS::S3::Bucket",
      "replacement": "True",
      "scope": [
        "Properties"
      ],
      "details": [
        {
          "target": {
            "attribute": "Properties",
            "name": "ObjectLockEnabled",
            "requiresRecreation": "Always"
          },
          "evaluation": "Static",
          "changeSource": "DirectModification"
        }
      ]
    }
  }
]

Other Details

Originally discovered via: https://github.com/aws/aws-cdk/issues/29168

kddejong commented 4 months ago

This is in progress. I'll try to watch the PR and update the ticket appropriately.