cloudposse/terraform-aws-s3-log-storage
### [`v0.26.0`](https://togithub.com/cloudposse/terraform-aws-s3-log-storage/releases/0.26.0)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-s3-log-storage/compare/0.25.0...0.26.0)
Add S3 bucket ownership controls @max-lobur (#61)
#### what
* Set aws_s3_bucket_ownership_controls to BucketOwnerPreferred
#### why
* Per [docs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) this setting will let object uploader decide ownership. If `bucket-owner-full-control` ACL is specified, the bucket account take ownership, otherwise the writer account keeps ownership. Bucket on its side may enforce presence of the `bucket-owner-full-control` ACL which we already do when needed. So this setting was the only missing piece to make ownership work like we expected
* I found no use cases for the other value of this resource: `ObjectWriter`. It corresponds to legacy S3 behavior which was broken for us. Decided to always set to `BucketOwnerPreferred` and not allow to customize. If the owner must be preserved, we should not pass `bucket-owner-full-control` - this is a more clear way to control the behavior.
#### references
* https://aws.amazon.com/blogs/storage/enforcing-ownership-of-amazon-s3-objects-in-a-multi-account-environment/
* https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
* https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls#ObjectWriter
Configuration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, click this checkbox.
This PR contains the following updates:
0.25.0->0.26.0Release Notes
cloudposse/terraform-aws-s3-log-storage
### [`v0.26.0`](https://togithub.com/cloudposse/terraform-aws-s3-log-storage/releases/0.26.0) [Compare Source](https://togithub.com/cloudposse/terraform-aws-s3-log-storage/compare/0.25.0...0.26.0)Add S3 bucket ownership controls @max-lobur (#61)
#### what * Set aws_s3_bucket_ownership_controls to BucketOwnerPreferred #### why * Per [docs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) this setting will let object uploader decide ownership. If `bucket-owner-full-control` ACL is specified, the bucket account take ownership, otherwise the writer account keeps ownership. Bucket on its side may enforce presence of the `bucket-owner-full-control` ACL which we already do when needed. So this setting was the only missing piece to make ownership work like we expected * I found no use cases for the other value of this resource: `ObjectWriter`. It corresponds to legacy S3 behavior which was broken for us. Decided to always set to `BucketOwnerPreferred` and not allow to customize. If the owner must be preserved, we should not pass `bucket-owner-full-control` - this is a more clear way to control the behavior. #### references * https://aws.amazon.com/blogs/storage/enforcing-ownership-of-amazon-s3-objects-in-a-multi-account-environment/ * https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html * https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls#ObjectWriterConfiguration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.