update s3-access-logs acl to log-delivery-write, ownership to preferred

terraform-modules · May 17, 2022 · a31a9d6 · a31a9d6
1 parent 0bd723d
commit a31a9d6
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/s3-access-logs/main.tf b/s3-access-logs/main.tf
@@ -111,7 +111,7 @@ resource "aws_s3_bucket_versioning" "logs" {
 resource "aws_s3_bucket_ownership_controls" "this" {
   bucket = aws_s3_bucket.logs.id
   rule {
-    object_ownership = "BucketOwnerEnforced"
+    object_ownership = "BucketOwnerPreferred"
   }
 }
 
@@ -127,7 +127,8 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "logs" {
 resource "aws_s3_bucket_acl" "logs" {
   #  count  = 0
   bucket = aws_s3_bucket.logs.id
-  acl    = "private"
+  #  acl    = "private"
+  acl = "log-delivery-write"
 }
 
 #---