You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When the cloudbot ''s3_enable_logging'' is invoked and it does not find an s3 bucket to use as target bucket for server access logs, it tries to create a new s3 bucket with ACLs enabled.
This creates an error as AWS no longer allows the creation of an s3 bucket with ACLs enabled by default. "(InvalidBucketAclWithObjectOwnership) when calling the CreateBucket operation: Bucket cannot have ACLs set with ObjectOwnership's BucketOwnerEnforced setting"
When the cloudbot ''s3_enable_logging'' is invoked and it does not find an s3 bucket to use as target bucket for server access logs, it tries to create a new s3 bucket with ACLs enabled.
This creates an error as AWS no longer allows the creation of an s3 bucket with ACLs enabled by default.
"(InvalidBucketAclWithObjectOwnership) when calling the CreateBucket operation: Bucket cannot have ACLs set with ObjectOwnership's BucketOwnerEnforced setting"
"s3_enable_logging.py"
ACL='log-delivery-write'AWS recommends creating the bucket with a bucket policy instead:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general.
code in question:
https://github.com/dome9/cloud-bots/blob/master/bots/s3_enable_logging.py
The text was updated successfully, but these errors were encountered: