fix: access logs bucket policy applied after ALB update

[dannyrandall]

Previously, turning on access logs for the ALB would result in the error like:

Access Denied for bucket: app-env-elbaccesslogsbucket-1234. Please check S3bucket permission (Service: AmazonElasticLoadBalancing; Status Code: 400; Error Code: InvalidConfigurationRequest; Request ID: id; Proxy: null)

This is because Cloudformation would update the ALB's settings before creating the bucket policy that allows the ALB to send logs to the bucket.

Now, we add an explicit dependency to the ALB on the bucket policy if access logs is enabled so that the policy is created/applied before attempting to put objects in the bucket.

---

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the Apache 2.0 License.

[efekarakus]

Ty!

[github-actions]

🍕 Here are the new binary sizes!

Name	New size (kiB)	v1.23.0 size (kiB)	Delta (%)
macOS (amd)	47572	47548	+0.05
macOS (arm)	47572	48200	❤️ -1.30
linux (amd)	41836	41812	+0.06
linux (arm)	41836	41220	🥺 +1.49
windows (amd)	38684	38664	+0.05

[codecov-commenter]

Codecov Report

Merging #4169 (fd184e7) into mainline (b956464) will increase coverage by 0.00%.
The diff coverage is n/a.

@@            Coverage Diff            @@
##           mainline    #4169   +/-   ##
=========================================
  Coverage     69.24%   69.24%           
=========================================
  Files           250      250           
  Lines         35927    35927           
  Branches        264      264           
=========================================
+ Hits          24876    24878    +2     
+ Misses         9856     9853    -3     
- Partials       1195     1196    +1     

Impacted Files	Coverage Δ
...ternal/pkg/deploy/cloudformation/cloudformation.go	73.02% <0.00%> (+0.54%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.