Allow to enforce object ownership on S3 bucketsΒ #26566
Closed as not planned
Description
Community Note
- Please vote on this issue by adding a π reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Description
We would like to follow the best practices by AWS and disable ACL and enforce object ownership. See references below. I know that we could set it with aws_s3_bucket_ownership_controls, but this would not allow to enforce bucket creation with e.g. BucketOwnerEnforced (as described in the AWS example).
New or Affected Resource(s)
- aws_s3_bucket
Potential Terraform Configuration
resource "aws_s3_bucket" "b" {
bucket = "my-tf-test-bucket"
object_ownership = "BucketOwnerEnforced"
}This could also be the default value when leaving acl undefined. Currently, acl is deprecated but is private by default.