Skip to content

Commit

Permalink
remove acl because of bucket owner enforced
Browse files Browse the repository at this point in the history
  • Loading branch information
@badra001
badra001 committed Jan 18, 2022
1 parent bcd3334 commit 66997ac
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions s3-access-logs/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,8 @@ locals {
#---
resource "aws_s3_bucket" "logs" {
bucket = local.bucket_name
acl = "log-delivery-write"
# acl = "log-delivery-write"
acl = "private"

# uses aws/kms key so log delivery works properly
server_side_encryption_configuration {
Expand Down Expand Up @@ -138,7 +139,7 @@ resource "null_resource" "policy_delay" {
# set ownership controls
# see documentation:
# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls
#
# https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html
resource "aws_s3_bucket_ownership_controls" "this" {
bucket = aws_s3_bucket.logs.id

Expand Down

0 comments on commit 66997ac

Please sign in to comment.