From c251aedc3c9d5bb1c7132bf10339f6f407439fea Mon Sep 17 00:00:00 2001
From: Paul Blankley <31221512+pblankley@users.noreply.github.com>
Date: Sat, 8 Jul 2023 10:34:19 -0600
Subject: [PATCH] Fix 'The bucket does not allow ACLs' error on bucket setup
 (#568)

Signed-off-by: Paul Blankley <31221512+pblankley@users.noreply.github.com>
---
 deploy/terraform/aws/lambda/main.tf | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/deploy/terraform/aws/lambda/main.tf b/deploy/terraform/aws/lambda/main.tf
index 08fdd347..d8f6dd54 100644
--- a/deploy/terraform/aws/lambda/main.tf
+++ b/deploy/terraform/aws/lambda/main.tf
@@ -81,8 +81,17 @@ resource "aws_s3_bucket" "events" {
 }
 
 resource "aws_s3_bucket_acl" "events_acl" {
+  bucket     = aws_s3_bucket.events.id
+  acl        = "private"
+  depends_on = [aws_s3_bucket_ownership_controls.events_acl_ownership]
+}
+
+# Resource to avoid error "AccessControlListNotSupported: The bucket does not allow ACLs"
+resource "aws_s3_bucket_ownership_controls" "events_acl_ownership" {
   bucket = aws_s3_bucket.events.id
-  acl    = "private"
+  rule {
+    object_ownership = "ObjectWriter"
+  }
 }
 
 resource "aws_s3_object" "schemas" {
@@ -98,8 +107,17 @@ resource "aws_s3_bucket" "buz_schemas" {
 }
 
 resource "aws_s3_bucket_acl" "schemas_acl" {
+  bucket     = aws_s3_bucket.buz_schemas.id
+  acl        = "private"
+  depends_on = [aws_s3_bucket_ownership_controls.schemas_acl_ownership]
+}
+
+# Resource to avoid error "AccessControlListNotSupported: The bucket does not allow ACLs"
+resource "aws_s3_bucket_ownership_controls" "schemas_acl_ownership" {
   bucket = aws_s3_bucket.buz_schemas.id
-  acl    = "private"
+  rule {
+    object_ownership = "ObjectWriter"
+  }
 }
 
 resource "aws_ecr_repository" "buz_repository" {