Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(syncer): enable SSE by default for dist bucket #3048

Merged
merged 1 commit into from
Mar 13, 2023
Merged

fix(syncer): enable SSE by default for dist bucket #3048

merged 1 commit into from
Mar 13, 2023

Conversation

npalm
Copy link
Member

@npalm npalm commented Mar 13, 2023
edited
Loading

Description

Amazon has enabled SSE by default for S3 buckets since Jan 2023. Currently the module does set the default rule to null, which results that every run detects a change in SSE for the dist bucket. By setting the default to SSE the Terraform default config is back in sync with the AWS default.

Problem

Every Terraform run tries to change the bucket encryption settings due to Amazon default changes:

Terraform will perform the following actions:

  # module.runners.module.runner_binaries[0].aws_s3_bucket_server_side_encryption_configuration.action_dist[0] will be updated in-place
  ~ resource "aws_s3_bucket_server_side_encryption_configuration" "action_dist" {
        id     = "np-default-dist"
        # (1 unchanged attribute hidden)

      - rule {
          - bucket_key_enabled = false -> null

          - apply_server_side_encryption_by_default {
              - sse_algorithm = "AES256" -> null
            }
        }
      + rule {
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Verifications

Deployed and tested with the default example

@npalm npalm requested a review from GuptaNavdeep1983 March 13, 2023 13:29
@npalm npalm changed the title fix: enable SSE by default for dist bucket fix(syncer): enable SSE by default for dist bucket Mar 13, 2023
@npalm npalm merged commit a7ad31a into main Mar 13, 2023
@npalm npalm deleted the fix/default-sse-dist-bucket branch March 13, 2023 14:43
@forest-releaser forest-releaser bot mentioned this pull request Mar 13, 2023
Merged
@npalm npalm mentioned this pull request Mar 13, 2023
Closed
@forest-releaser forest-releaser bot mentioned this pull request Apr 28, 2023
Closed
@miyajan miyajan mentioned this pull request May 16, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@GuptaNavdeep1983 GuptaNavdeep1983 GuptaNavdeep1983 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@npalm @GuptaNavdeep1983