feature: remove bucket acl as it's disabled when object_ownership set to `BucketOwnerEnforced` (#242)

* feat: fix acl

When object_ownership = `BucketOwnerEnforced`, acl is disabled, so we need to remove acl.

* feat: fix acl

Removed acl, as ACL is disabled when object_ownership = `BucketOwnerEnforced`.

* feat: remove bucket ACL
githubjianli authored Nov 16, 2023
1 parent 0e3c40d commit da49cc1
Showing 3 changed files with 1 addition and 16 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -8,6 +8,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a
- Changed `k8s` API to work with provider 2.x
- Changed Terraform `map` to `tomap` to make it work with newer TF provider(The map function was deprecated in Terraform v0.12 and is no longer available).
- Upgrade AWS provider to `4.x`.
- Removed bucket `ACL` as when bucket `object_ownership` set to `BucketOwnerEnforced`, it's disabled `ACL`.

## [6.19.1] - 2023-08-25
### Fixed
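Review bot: The added CHANGELOG entry after `Upgrade AWS provider to 4.x` is hard to parse ("it's disabled `ACL`") and is filed in a list of changes although it records a removal. Suggest rewording it along the lines of "Removed bucket ACL resources, because ACLs are disabled when `object_ownership` is `BucketOwnerEnforced`", and placing it under a "Removed" group as in the Keep a Changelog format the file header links to.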
8 changes: 0 additions & 8 deletions s3-other.tf
Expand Up @@ -7,7 +7,6 @@
resource "aws_s3_bucket" "apiary_inventory_bucket" {
count = var.s3_enable_inventory == true ? 1 : 0
bucket = local.s3_inventory_bucket
acl = "private"
tags = merge(tomap({"Name"="${local.s3_inventory_bucket}"}), "${var.apiary_tags}")
policy = <<EOF
{
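Review bot: On `aws_s3_bucket.apiary_inventory_bucket`, dropping `acl = "private"` leaves `policy = <<EOF` as the remaining inline access argument, and with the AWS provider `4.x` upgrade recorded in the CHANGELOG that argument is deprecated on `aws_s3_bucket` in the same way `acl` is. Consider moving the policy into a standalone `aws_s3_bucket_policy` in a follow-up so that access control for the inventory bucket is expressed in one kind of resource. Minor style point on the `tags` line: `"${local.s3_inventory_bucket}"` and `"${var.apiary_tags}"` are redundant interpolations and can be plain references.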
Expand Down Expand Up @@ -93,13 +92,6 @@ resource "aws_s3_bucket_ownership_controls" "apiary_inventory_bucket" {
}
}

resource "aws_s3_bucket_acl" "apiary_inventory_bucket" {
count = var.s3_enable_inventory == true ? 1 : 0
depends_on = [aws_s3_bucket_ownership_controls.apiary_inventory_bucket[0]]
bucket = aws_s3_bucket.apiary_inventory_bucket[0].id
acl = "private"
}

resource "aws_s3_bucket" "apiary_managed_logs_bucket" {
count = local.enable_apiary_s3_log_management ? 1 : 0
bucket = local.apiary_s3_logs_bucket
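Review bot: Deleting `aws_s3_bucket_acl.apiary_inventory_bucket` is only correct if `aws_s3_bucket_ownership_controls.apiary_inventory_bucket` always sets `BucketOwnerEnforced`, and the body of that resource is not visible in this hunk. If `object_ownership` is driven by a variable, any other value re-enables ACLs and the bucket ACL is then unmanaged, so drift away from private would no longer be corrected. Either hard-code the ownership setting, add a validation on the variable, or keep the ACL resource conditional on the ownership value.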
8 changes: 0 additions & 8 deletions s3.tf
Expand Up @@ -122,14 +122,6 @@ resource "aws_s3_bucket_ownership_controls" "apiary_bucket" {
}
}

resource "aws_s3_bucket_acl" "apiary_data_bucket" {
for_each = {
for schema in local.schemas_info : "${schema["schema_name"]}" => schema
}
bucket = aws_s3_bucket.apiary_data_bucket[each.key].id
acl = "private"
}

resource "aws_s3_bucket_notification" "data_events" {
for_each = var.enable_data_events ? {
for schema in local.schemas_info : "${schema["schema_name"]}" => schema if lookup(schema, "enable_data_events_sqs", "0") == "0"
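Review bot: Removing `aws_s3_bucket_acl.apiary_data_bucket`, which used `for_each` over `local.schemas_info`, means every existing deployment will plan one destroy per schema on upgrade, and nothing in the change tells operators to expect that. The provider documents that destroying an `aws_s3_bucket_acl` only drops it from state and leaves the bucket's ACL untouched, so the plan is harmless, but it is worth an upgrade note so nobody halts an apply that shows destroys against data buckets.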