Skip to content

Commit

Permalink
Remove private ACLs for buckets (#104)
Browse files Browse the repository at this point in the history 
AWS has changed the behavior of bucket ACLs and is essentially
deprecating the feature.

In general, we don't need to set these ACLs as private is the default
anyway, so removing this is a non-breaking changing for existing
deployments and fixes new deployments with the recent change to behavior
for new buckets
  • Loading branch information
Addison Higham authored Apr 13, 2023
1 parent 2972ecd commit 6745a6b
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 11 deletions.
5 changes: 0 additions & 5 deletions tiered_storage.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,11 +23,6 @@ resource "aws_s3_bucket" "tiered_storage" {
}
}

resource "aws_s3_bucket_acl" "tiered_storage" {
bucket = aws_s3_bucket.tiered_storage.id
acl = "private"
}

resource "aws_s3_bucket_server_side_encryption_configuration" "tiered_storage" {
bucket = aws_s3_bucket.tiered_storage.bucket
rule {
Expand Down
7 changes: 1 addition & 6 deletions velero.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,11 +23,6 @@ resource "aws_s3_bucket" "velero" {
}
}

resource "aws_s3_bucket_acl" "velero" {
bucket = aws_s3_bucket.velero.id
acl = "private"
}

resource "aws_s3_bucket_server_side_encryption_configuration" "velero" {
bucket = aws_s3_bucket.velero.bucket

Expand Down Expand Up @@ -207,4 +202,4 @@ resource "kubernetes_namespace" "velero" {
metadata {
name = var.velero_namespace
}
}
}

0 comments on commit 6745a6b

Please sign in to comment.