Add S3 bucket ownership controls #61
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
max-lobur
added a commit
to cloudposse/terraform-aws-cloudtrail-s3-bucket
that referenced
this pull request
Oct 13, 2021
max-lobur
added a commit
to cloudposse/terraform-aws-cloudtrail-s3-bucket
that referenced
this pull request
Oct 13, 2021
max-lobur
added a commit
to cloudposse/terraform-aws-config-storage
that referenced
this pull request
Oct 13, 2021
max-lobur
added a commit
to cloudposse/terraform-aws-lb-s3-bucket
that referenced
this pull request
Oct 13, 2021
|
/test all |
nitrocode
reviewed
Oct 29, 2021
nitrocode
reviewed
Oct 29, 2021
|
this module should probably be using the cloudposse s3 bucket module so we don't have to duplicate these pr changes across these two repos |
Co-authored-by: nitrocode <nitrocode@users.noreply.github.com>
|
Agreed, it was discussed already. I will merge separately. There are some drifts between two already, so have to be careful |
|
Also going to be breaking change as tf resource address will change |
Co-authored-by: nitrocode <nitrocode@users.noreply.github.com>
|
/test all |
nitrocode
approved these changes
Oct 29, 2021
max-lobur
added a commit
to cloudposse/terraform-aws-lb-s3-bucket
that referenced
this pull request
Oct 29, 2021
* Make use of S3 bucket ownership Inherit cloudposse/terraform-aws-s3-log-storage#61 * Auto Format * Update versions.tf * Auto Format Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> Co-authored-by: nitrocode <nitrocode@users.noreply.github.com>
max-lobur
added a commit
to cloudposse/terraform-aws-config-storage
that referenced
this pull request
Oct 29, 2021
* Make use of S3 bucket ownership Inherit cloudposse/terraform-aws-s3-log-storage#61 * Auto Format * Update versions.tf * Auto Format Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> Co-authored-by: nitrocode <nitrocode@users.noreply.github.com>
max-lobur
added a commit
to cloudposse/terraform-aws-cloudtrail-s3-bucket
that referenced
this pull request
Oct 29, 2021
* Update main.tf Inherit cloudposse/terraform-aws-s3-log-storage#61 * Auto Format * Update versions.tf * Auto Format Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> Co-authored-by: nitrocode <nitrocode@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
what
why
bucket-owner-full-controlACL is specified, the bucket account take ownership, otherwise the writer account keeps ownership. Bucket on its side may enforce presence of thebucket-owner-full-controlACL which we already do when needed. So this setting was the only missing piece to make ownership work like we expectedObjectWriter. It corresponds to legacy S3 behavior which was broken for us. Decided to always set toBucketOwnerPreferredand not allow to customize. If the owner must be preserved, we should not passbucket-owner-full-control- this is a more clear way to control the behavior.references