#terraform-aws-modules (2023-04)

terraform Terraform Modules

Discussions related to https://github.com/terraform-aws-modules

Archive: https://archive.sweetops.com/terraform-aws-modules/

2023-04-18

Josh B.

Is there a known issue with this repo, or am I doing something wrong? It seems the autoformat is failing on PRs.

Andriy Knysh (Cloud Posse)

you’ll need to run

make init
make github/init
make readme

Andriy Knysh (Cloud Posse)

on the PR

Josh B.

Okay, ty!

Andriy Knysh (Cloud Posse)

(the GH tokens were updated, and the github/init command will get the latest GH workflows with the correct tokens)

Josh B.

Ahh okay, that makes sense. Thanks!

Josh B.

Yep, that worked!

2023-04-26

José

Hello team.

Is it me, or did AWS do something to S3 bucket creation?

I got this error when trying to create a new S3 bucket with terraform-aws-cloudfront-s3-cdn:

Error: creating Amazon S3 (Simple Storage) Bucket (se1-aio-lisa-int-s3-logs-staging): InvalidBucketAclWithObjectOwnership: Bucket cannot have ACLs set with ObjectOwnership's BucketOwnerEnforced setting
│ 	status code: 400, request id: xxx, host id: xxx

It's like they did something unannounced? It worked last Friday, and since Monday it's been like this.

Using the latest v0.88 version and still no luck. Any advice?

José

This is also affecting the VPC FLOW LOGS module, and the S3 module. Basically every module which has S3 creation dependencies. The usage of the module is very simple:

module "s3-cdn" {
  source = "cloudposse/cloudfront-s3-cdn/aws"
  # Cloud Posse recommends pinning every module to a specific version
  version = "0.88.0"

  aliases             = ["xxx.xxx.com"]
  dns_alias_enabled   = true
  parent_zone_id      = "xxx.com"
  acm_certificate_arn = "certificate-arn"

  context = module.this.context
  tags = {xxx}
}

José

Ohh well, there was some information about it: https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-s3-automatically-enable-bl[…]ublic-access-disable-access-control-lists-buckets-april-2023/ with enforcement on 25-04-2023. How can I update the modules to handle this BucketOwnerEnforced?
