Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove private ACL S3 terraform resource #56

Merged
merged 1 commit into from
Jul 17, 2023
Merged

Remove private ACL S3 terraform resource #56

merged 1 commit into from
Jul 17, 2023

Conversation

frozenSolid
Copy link
Contributor

Remove private ACL terraform resource.
Broken since April, 2023 for creating new S3 buckets and specifying ACL's:
https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-s3-automatically-enable-block-public-access-disable-access-control-lists-buckets-april-2023/

@jim80net
Copy link
Contributor

Released to alpha for further testing. I want to validate that removing the resource does, as the docs indicate, simply stop managing the ACL resource.

@jim80net
Copy link
Contributor

When applying this change to a preexisting installation, the terraform state got destroyed, but the ACL remained the same in testing.

  # module.datadog.aws_s3_bucket_acl.elb_logs[0] will be destroyed
  - resource "aws_s3_bucket_acl" "elb_logs" {
      - acl    = "private" -> null
      - bucket = "scribd-infraeng-dev-elb-logs" -> null
      - id     = "scribd-infraeng-dev-elb-logs,private" -> null

      - access_control_policy {
          - grant {
              - permission = "FULL_CONTROL" -> null

              - grantee {
                  - id   = "abc123" -> null
                  - type = "CanonicalUser" -> null
                }
            }

          - owner {
              - id = "abc123" -> null
            }
        }
    }

before:
image

after:
image

jim80net
jim80net approved these changes Jul 17, 2023
View reviewed changes
Copy link
Contributor

@jim80net jim80net left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works as intended, and stops managing aws_s3_bucket_acl as intended, while leaving the API alone.

@jim80net jim80net merged commit fc770ec into scribd:master Jul 17, 2023
@github-actions
Copy link

🎉 This PR is included in version 3.2.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jim80net jim80net jim80net approved these changes

Assignees
No one assigned
Labels
released
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@frozenSolid @jim80net