Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

S3 Cross-Account Cross-Region Replication with KMS #3575

Closed
jrstarke opened this issue Mar 1, 2018 · 7 comments
Closed

S3 Cross-Account Cross-Region Replication with KMS #3575

jrstarke opened this issue Mar 1, 2018 · 7 comments
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/s3 Issues and PRs that pertain to the s3 service.
Milestone
v1.40.0

Comments

@jrstarke
Copy link
Contributor

jrstarke commented Mar 1, 2018

Hi there,

PR #2625, added support for Cross-Region Replication, but missed the Account and AccessControlTranslation attributes on the rules destination (https://docs.aws.amazon.com/sdk-for-go/api/service/s3/#Destination). As such, when you replicate objects a bucket in a second account, by default they are inaccessible to that account, unless the objects ACL specifically granted access to the account before replication.
@jrstarke jrstarke mentioned this issue Mar 1, 2018
Merged
@radeksimko radeksimko added enhancement Requests to existing resources that expand the functionality or scope. service/s3 Issues and PRs that pertain to the s3 service. labels Mar 1, 2018
@dforsber-p
Copy link

+1

1 similar comment
@jnoss
Copy link
Contributor

jnoss commented Sep 18, 2018

+1

@jnoss jnoss mentioned this issue Sep 18, 2018
Merged
jnoss added a commit to asicsdigital/terraform-aws-s3-cross-account-replication that referenced this issue Sep 18, 2018
@jnoss
feat: add output and update README with manual step
92dd715 
...due to a feature currently missing in the Terraform AWS provider,
there is a manual step required to properly set ownership on replicated
objects so that the destination account can access them. See README and
hashicorp/terraform-provider-aws#3575
@cornfeedhobo
Copy link

@jrstarke #2625 is merged! Let's kick these tires (and thank you)!

@jrstarke
Copy link
Contributor Author

@cornfeedhobo #2625 gets cross region replication, but not the cross account replication (due to missing AccessControlTranslation (see #3577)

@ewbankkit
Copy link
Contributor

ewbankkit commented Sep 20, 2018
edited
Loading

This is the same issue as #2221. I'll close that as a duplicate.
On closer study #2221 is actually in addition to this issue; Reopening it...

This was referenced Sep 20, 2018
Closed
Closed
@bflad bflad added this to the v1.40.0 milestone Oct 10, 2018
@bflad
Copy link
Contributor

bflad commented Oct 10, 2018

Huge shout out to @jrstarke and @ewbankkit! This functionality has been merged and will be released in version 1.40.0 of the AWS provider, likely later today. 🚀

@bflad bflad closed this as completed Oct 10, 2018
@ghost
Copy link

ghost commented Apr 3, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 3, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/s3 Issues and PRs that pertain to the s3 service.
Projects
None yet
Milestone
v1.40.0
Development

No branches or pull requests
7 participants
@jrstarke @bflad @radeksimko @cornfeedhobo @ewbankkit @jnoss @dforsber-p