add input var s3_object_ownership

[bcarranza]

what

• Upgrade to version = "0.28.0" of the s3-log-storage to have the s3_object_ownership field available.
• The s3_object_ownership field is exposed as an input variable for use by the user consuming the current module.

why

• When you do not have acl , and you have only one account you probably want to restrict so that no other account has use over the s3 bucket.

references

• This resolves prowler the next vulnerability when you set s3_object_ownership = "BucketOwnerEnforced" <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

Result | Severity | AccountID | Region | Compliance | Service | CheckID | Check Title | Check Output | CIS Level | CAF Epic | Risk | Remediation | Docs | Resource ID -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- PASS | Medium | xxxxxxx | us-west-2 | Software and Configuration Checks | s3 | 7.172 | [extra7172] Check if S3 buckets have ACLs enabled | us-west-2: Bucket xxxxxx-s3-bucket has bucket ACLs enabled! | Extra | Logging and Monitoring | S3 ACLs are a legacy access control mechanism that predates IAM. IAM and bucket policies are currently the preferred methods. | Ensure that S3 ACLs are disabled (BucketOwnerEnforced). Use IAM policies and bucket policies to manage access. |   | xxxxxx-s3-bucket * This pr commit resolved: #62

[hans-d]

@bcarranza hi, can you resolve the merge conflict?

[hans-d]

/terratest

[mergify[bot]]

This pull request is now in conflict. Could you fix it @bcarranza? 🙏

[mergify[bot]]

This PR has been closed due to inactivity and merge conflicts. Please resolve the conflicts and reopen if necessary.

[mergify[bot]]

Thanks @bcarranza for creating this pull request!

A maintainer will review your changes shortly. Please don't be discouraged if it takes a while.

While you wait, make sure to review our contributor guidelines.

[!TIP]

Need help or want to ask for a PR review to be expedited?

Join us on Slack in the #pr-reviews channel.