Description:
Updates the S3 terraform configuration to address a recent change made with respect to how AWS handles defaults for Access Control Lists on S3 buckets. Going forward all new S3 buckets will default their object ownership setting to bucket owner enforced, which means that requests to set/update ACLs will fail as well.
Detailed list or summary of changes made:
Removes the cloudtrail_bucket_acl configuration. This isn't necessary since this is the default behavior of new S3 buckets.
Refactors the cloudtrail_access_log_bucket_acl configuration into an S3 bucket policy statement instead of the canned ACL setting.
Steps to test/reproduce the changes in this PR:
main.tf).
Implement the following module.
output "cloudtrail_integration" { value = module.expel_aws_cloudtrail_integration }
AccessControlListNotSupported: The bucket does not allow ACLs │ status code: 400
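The second change listed above, sketched as an added example (this is not the code from this PR): a canned ACL on the access log bucket, assumed here to be `log-delivery-write`, is replaced by a bucket policy statement that lets the S3 logging service write objects. The resource labels, bucket names and statement `sid` are hypothetical.

```hcl
# Added example; resource labels and bucket names are placeholders.
data "aws_caller_identity" "current" {}

resource "aws_s3_bucket" "trail" {
  bucket = "example-cloudtrail-logs" # placeholder name
}

resource "aws_s3_bucket" "access_log" {
  bucket = "example-cloudtrail-access-logs" # placeholder name
}

# Before: rejected on buckets with ACLs disabled (AccessControlListNotSupported).
# resource "aws_s3_bucket_acl" "access_log" {
#   bucket = aws_s3_bucket.access_log.id
#   acl    = "log-delivery-write" # assumed canned ACL
# }

# After: grant the S3 log delivery service principal write access by policy.
data "aws_iam_policy_document" "access_log" {
  statement {
    sid       = "S3ServerAccessLogsPolicy"
    effect    = "Allow"
    actions   = ["s3:PutObject"]
    resources = ["${aws_s3_bucket.access_log.arn}/*"]

    principals {
      type        = "Service"
      identifiers = ["logging.s3.amazonaws.com"]
    }

    # Accept log delivery only for our own source bucket and account.
    condition {
      test     = "ArnLike"
      variable = "aws:SourceArn"
      values   = [aws_s3_bucket.trail.arn]
    }
    condition {
      test     = "StringEquals"
      variable = "aws:SourceAccount"
      values   = [data.aws_caller_identity.current.account_id]
    }
  }
}

# A bucket holds one policy document; merge this statement into any existing one.
resource "aws_s3_bucket_policy" "access_log" {
  bucket = aws_s3_bucket.access_log.id
  policy = data.aws_iam_policy_document.access_log.json
}
```

The two conditions keep the grant narrower than the canned ACL: the logging service can write only when delivering logs for the named source bucket in the same account.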