From a31a9d6665f7422eec358ca78dc0d7766d320beb Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Tue, 17 May 2022 15:01:38 -0400
Subject: [PATCH] update s3-access-logs acl to log-delivery-write, ownership to
 preferred

---
 s3-access-logs/main.tf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/s3-access-logs/main.tf b/s3-access-logs/main.tf
index af4b619..3234e3c 100644
--- a/s3-access-logs/main.tf
+++ b/s3-access-logs/main.tf
@@ -111,7 +111,7 @@ resource "aws_s3_bucket_versioning" "logs" {
 resource "aws_s3_bucket_ownership_controls" "this" {
   bucket = aws_s3_bucket.logs.id
   rule {
-    object_ownership = "BucketOwnerEnforced"
+    object_ownership = "BucketOwnerPreferred"
   }
 }
 
@@ -127,7 +127,8 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "logs" {
 resource "aws_s3_bucket_acl" "logs" {
   #  count  = 0
   bucket = aws_s3_bucket.logs.id
-  acl    = "private"
+  #  acl    = "private"
+  acl = "log-delivery-write"
 }
 
 #---