Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error: error creating S3 bucket ACL "AccessControlListNotSupported" -Recent AWS change causing issues- #157

Open
MitchIonascu opened this issue Apr 28, 2023 · 3 comments
Open

Error: error creating S3 bucket ACL "AccessControlListNotSupported" -Recent AWS change causing issues- #157

MitchIonascu opened this issue Apr 28, 2023 · 3 comments

Comments

@MitchIonascu
Copy link

Hi there!

Please be advised that a recent change from AWS has been pushed(April 2023) and it directly regards S3 buckets: https://aws.amazon.com/blogs/aws/heads-up-amazon-s3-security-changes-are-coming-in-april-of-2023/

Buckets no longer appear to come with ACLs enabled, causing some issues with the terraform-aws-s3-bucket module.

terraform-aws-modules/terraform-aws-s3-bucket#223

End result is that your module also fails with the following error:

│ Error: error creating S3 bucket ACL for test-bastion: AccessControlListNotSupported: The bucket does not allow ACLs
│ status code: 400, request id: 207S1Q188N2QRD5H, host id: AIFiPzdeZeZjl5VPSACBq4Rg+dadasdssda2222+7v+szpwMJKXBw=

│ with module.bastion.module.bastion.aws_s3_bucket_acl.bucket,
│ on .terraform/modules/bastion.bastion/buckets.tf line 18, in resource "aws_s3_bucket_acl" "bucket":
│ 18: resource "aws_s3_bucket_acl" "bucket" {

Love the module, by the way, thanks for all of the hard work!
@umbertix
Copy link

umbertix commented May 15, 2023
edited
Loading

EDIT: This seems to be already been fixed on a PR that has been merged. You can ignore my comment as this is no longer relevant.
Same here, seems like there is a fix for it terraform-aws-modules/terraform-aws-s3-bucket#223 (comment)

I'll take a look to see if I can open a PR for it. But in any way thx for the module.

@Guimove
Copy link
Owner

Guimove commented Jun 1, 2023

Hi there,

Thank you for your comment. Since the issue you reported has already been fixed and merged, you can go ahead and close the issue. I appreciate your understanding and cooperation.

If you have any further questions or need any assistance in the future, please feel free to reach out. I'm always here to help.

Thank you for your support and for using the module.

@ernosix
Copy link

ernosix commented Jun 7, 2023
edited
Loading

Still running into this error

Error: putting S3 object ACL: MissingSecurityHeader: Your request was missing a required header status code: 400, request id: NTR78A0, host id: 7SQR/Km6pWsm3OK5Avu3axD19XDdE5RNbEJ== with module.bastion.aws_s3_object.bucket_public_keys_readme on .terraform/modules/bastion/main.tf line 15, in resource "aws_s3_object" "bucket_public_keys_readme":

Solved by adding:

resource "aws_s3_bucket_ownership_controls" "application_logs" {
  bucket = module.bastion.bucket_name

  rule {
    object_ownership         = "ObjectWriter"
  }
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@umbertix @Guimove @ernosix @MitchIonascu