From 5d2b10d38fe2f9d316c6df966c7d18ce1745e04b Mon Sep 17 00:00:00 2001
From: Miguel Elhaiek
Date: Tue, 9 Apr 2024 16:12:11 -0300
Subject: [PATCH] Adding Logs to S3 from the Load Balancer
---
 .github/workflows/build_and_deploy.yml | 6 +++---
 terraform/iam.tf | 4 +++-
 2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/build_and_deploy.yml b/.github/workflows/build_and_deploy.yml
index 71580b3..ffc9d0b 100644
--- a/.github/workflows/build_and_deploy.yml
+++ b/.github/workflows/build_and_deploy.yml
@@ -36,9 +36,9 @@ jobs:
 run: terraform init
 working-directory: terraform
- # - name: Terraform Refresh
- # run: terraform refresh
- # working-directory: terraform
+ - name: Terraform Refresh
+ run: terraform refresh
+ working-directory: terraform
 - name: Terraform Plan
 run: terraform plan -out=tfplan
diff --git a/terraform/iam.tf b/terraform/iam.tf
index 0558026..70ac0c5 100644
--- a/terraform/iam.tf
+++ b/terraform/iam.tf
@@ -1,5 +1,7 @@
 # POLICY TO LET BUCKET PERMISSIONS:
+
+# subir como data y statement como en el infra ops en vez de esta forma:
 resource "aws_s3_bucket_policy" "alb_log_bucket_policy" {
 bucket = aws_s3_bucket.nlb_logs.id
@@ -11,7 +13,7 @@ resource "aws_s3_bucket_policy" "alb_log_bucket_policy" {
 Principal = {
 Service = "elasticloadbalancing.amazonaws.com"
 },
- Action = "s3:PutObject",
+ Action = "s3:*",
 Resource = "${aws_s3_bucket.nlb_logs.arn}/*",
 Condition = {
 StringEquals = {
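Review bot: The re-enabled `Terraform Refresh` step writes to the state file without any review, because on Terraform 0.15.4 and later `terraform refresh` is a deprecated alias for `terraform apply -refresh-only -auto-approve`. It is also redundant here, since the `terraform plan -out=tfplan` step that follows already refreshes state before planning. I would drop the step, or, if drift should be visible in the pipeline, change the command to `run: terraform plan -refresh-only` so drift is reported instead of silently accepted into state. The rest of the job lies outside the hunk, so whether an apply step follows could not be checked.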
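Review bot: Widening the statement to `s3:*` on `${aws_s3_bucket.nlb_logs.arn}/*` lets the load-balancer service principal read, delete and re-ACL the log objects, while log delivery only needs to write them; keep `Action = "s3:PutObject",`. A write-only grant is also what keeps the access logs usable as an audit record, since the delivering principal cannot remove or overwrite earlier objects' permissions. If the action was widened because delivery was failing, the principal is the more likely cause: the bucket is named `nlb_logs`, and Network Load Balancer access logs are delivered by `delivery.logs.amazonaws.com` (which also needs `s3:GetBucketAcl` on the bucket itself), so confirm which load balancer type writes here before changing the action. The `Condition` block continues past the end of the hunk, so its keys could not be reviewed.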