search

aws-samples / amazon-cloudfront-secure-static-site

Create a secure static website with CloudFront for your registered domain.
Apache License 2.0
385 stars 140 forks source link

Failure to create `S3BucketLogs` #60

Closed JLErvin closed 1 year ago

JLErvin commented 1 year ago

In April 2023, Amazon automatically enabled S3 Block Public Access and disabled access control lists for all new buckets. When attempting to perform the aws cloudformation deploy ... step in this example, custom resources will always fail to create the S3BucketLogs due to this change.

I was able to get the example working by providing the following diff:

-      AccessControl: LogDeliveryWrite
+      OwnershipControls:
+        Rules:
+          - ObjectOwnership: ObjectWriter

Which was suggested per this AWS blog post. It's unclear to me if the maintainers of this library want to implement that solution, but the example currently does not work as-is.

ConnorKirk commented 1 year ago

Thanks @JLErvin for raising an issue. I will try to implement the fix asap.

ConnorKirk commented 1 year ago

This is now fixed. I'm sorry for the delay. Thank you again for raising the issue.