Closed simachriaws closed 6 months ago
Apologies, the observed error was happening on an early version of service-catalog-engine-for-terraform-os. Since now we have `LoggingBucketPolicy: Type: AWS::S3::BucketPolicy`, the `LoggingBucket` create failure issue does not occur (checked 059dc57ae692b7f80871d3b1ad4a6eaf50dce44d).
Steps to reproduce
./bin/bash/deploy-tre.sh -r <region>
Observed error
The CloudFormation logical id resource `LoggingBucket` fails with: Bucket cannot have ACLs set with ObjectOwnership's BucketOwnerEnforced setting (Service: S3, Status Code: 400... and rolls back.
Inspecting `/tmp/tre-sam-deploy-command.out` also confirms this to be the case, showing the exact same error.
Possible Mechanisms to fix
`/tmp/tre-sam-deploy-command.out` at a regular cadence to confirm `./bin/bash/deploy-tre.sh -r <region>` remains good on new accounts
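
An added illustration of the failure mode and the fix this issue describes; it is not the project's actual template. It assumes the original `LoggingBucket` set a canned ACL such as `AccessControl: LogDeliveryWrite` and that the bucket receives S3 server access logs. Everything except the two logical ids and the `AWS::S3::BucketPolicy` type is an assumption.

```yaml
# Added example, not taken from the repository.
Resources:
  # Before (assumed shape of the failing resource): a canned ACL on a bucket
  # whose ObjectOwnership is BucketOwnerEnforced is rejected by S3 with
  # "Bucket cannot have ACLs set with ObjectOwnership's BucketOwnerEnforced
  # setting", and the stack rolls back.
  #
  # LoggingBucket:
  #   Type: AWS::S3::Bucket
  #   Properties:
  #     AccessControl: LogDeliveryWrite

  # After: no ACL on the bucket; ACLs stay disabled.
  LoggingBucket:
    Type: AWS::S3::Bucket
    Properties:
      OwnershipControls:
        Rules:
          - ObjectOwnership: BucketOwnerEnforced
      PublicAccessBlockConfiguration:
        BlockPublicAcls: true
        BlockPublicPolicy: true
        IgnorePublicAcls: true
        RestrictPublicBuckets: true

  # Log delivery is granted through a bucket policy instead of an ACL.
  LoggingBucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref LoggingBucket
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Sid: S3ServerAccessLogsDelivery   # hypothetical statement id
            Effect: Allow
            Principal:
              Service: logging.s3.amazonaws.com
            Action: s3:PutObject
            Resource: !Sub "${LoggingBucket.Arn}/*"
            Condition:
              StringEquals:
                # Only accept log delivery originating from this account.
                aws:SourceAccount: !Ref AWS::AccountId
```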