gatsby-uc / gatsby-plugin-s3

Deploy your gatsby site to an S3 bucket.
https://gatsby-plugin-s3.jari.io/
MIT License
210 stars 110 forks

Cross account S3 bucket deployments #294

Open ezrover opened 2 years ago

ezrover commented 2 years ago

This plugin works well with local buckets within the current account. However, when the s3://bucket-in-another-account is used, the deploy command errors out with Access Denied.

✖ Failed. AccessDenied: Access Denied

Even though IAM roles are set up correctly for the user/role to have full S3 access in the other account. Also, the bucket policy in the other account is set up correctly to give the user in the other account full S3 rights.

To resolve this issue, please follow https://aws.amazon.com/premiumsupport/knowledge-center/s3-bucket-owner-access/ and ensure that for each object write you add "--acl bucket-owner-full-control".

YoshiWalsh commented 2 years ago

I don't have much experience with cross-account requests, but would it fix the problem if you set the Object Ownership settings on your bucket to "bucket owner enforced"? The documentation says that with this setting you don't need to specify any ACL.
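
The ACL requirement from the first comment can also be enforced from the bucket owner's side. The following is an added example, not part of the thread or the plugin's code: it builds a bucket policy that allows cross-account `s3:PutObject` only when the request carries `bucket-owner-full-control`, then checks three constructed requests against it with a simplified evaluator. The bucket name, account ID and function names are placeholders chosen for illustration.

```javascript
// Added example: bucket name, account ID and helper names are constructed placeholders.
const REQUIRED_ACL = "bucket-owner-full-control";

// Bucket policy for the destination account: the writer account may PutObject
// only when the request carries the bucket-owner-full-control canned ACL.
function buildCrossAccountPutPolicy(bucket, writerAccountId) {
  return {
    Version: "2012-10-17",
    Statement: [{
      Sid: "RequireBucketOwnerFullControl",
      Effect: "Allow",
      Principal: { AWS: `arn:aws:iam::${writerAccountId}:root` },
      Action: "s3:PutObject",
      Resource: `arn:aws:s3:::${bucket}/*`,
      Condition: { StringEquals: { "s3:x-amz-acl": REQUIRED_ACL } },
    }],
  };
}

// Simplified stand-in for policy evaluation (not the AWS engine): handles only
// single-string Principal/Action and the StringEquals operator used above.
function isPutAllowed(policy, request) {
  return policy.Statement.some((s) => {
    if (s.Effect !== "Allow" || s.Action !== "s3:PutObject") return false;
    if (s.Principal.AWS !== `arn:aws:iam::${request.accountId}:root`) return false;
    const prefix = s.Resource.replace(/\*$/, "");
    if (!`arn:aws:s3:::${request.bucket}/${request.key}`.startsWith(prefix)) return false;
    const conds = (s.Condition && s.Condition.StringEquals) || {};
    return Object.entries(conds).every(([k, v]) => request.context[k] === v);
  });
}

// Constructed upload requests: same writer, different x-amz-acl header values.
function demo() {
  const policy = buildCrossAccountPutPolicy("example-site-bucket", "111122223333");
  const base = { accountId: "111122223333", bucket: "example-site-bucket", key: "index.html" };
  return {
    withOwnerAcl: isPutAllowed(policy, { ...base, context: { "s3:x-amz-acl": REQUIRED_ACL } }),
    withPublicRead: isPutAllowed(policy, { ...base, context: { "s3:x-amz-acl": "public-read" } }),
    withoutAcl: isPutAllowed(policy, { ...base, context: {} }),
  };
}
```

Only the upload that sends `bucket-owner-full-control` matches the statement; uploads with another ACL or with none are not allowed by it.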