From 6bcc7d12720759603b353368c9ca3f0e6feff40c Mon Sep 17 00:00:00 2001
From: jsclarridge <2491291+jsclarridge@users.noreply.github.com>
Date: Mon, 22 May 2023 17:03:18 -0700
Subject: [PATCH] Change default acl value
---
 README.md | 2 +-
 main.tf | 1 +
 variables.tf | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 8ca575e..0631354 100644
--- a/README.md
+++ b/README.md
@@ -153,7 +153,7 @@ No modules.
 | noncurrent\_version\_retention | Number of days to retain non-current versions of objects if versioning is enabled. | `string` | `30` | no |
 | object\_ownership | Object ownership. Valid values: BucketOwnerEnforced, BucketOwnerPreferred or ObjectWriter. | `string` | `"BucketOwnerEnforced"` | no |
 | redshift\_logs\_prefix | S3 prefix for RedShift logs. | `string` | `"redshift"` | no |
-| s3\_bucket\_acl | Set bucket ACL per [AWS S3 Canned ACL]() list. | `string` | `"log-delivery-write"` | no |
+| s3\_bucket\_acl | Set bucket ACL per [AWS S3 Canned ACL]() list. | `string` | `null` | no |
 | s3\_bucket\_name | S3 bucket to store AWS logs in. | `string` | n/a | yes |
 | s3\_log\_bucket\_retention | Number of days to keep AWS logs around. | `string` | `90` | no |
 | s3\_logs\_prefix | S3 prefix for S3 access logs. | `string` | `"s3"` | no |
diff --git a/main.tf b/main.tf
index fc3d8ac..10215b5 100644
--- a/main.tf
+++ b/main.tf
@@ -416,6 +416,7 @@ resource "aws_s3_bucket_policy" "aws_logs" {
 }
 resource "aws_s3_bucket_acl" "aws_logs" {
+ count = var.s3_bucket_acl != null ? 1 : 0
 bucket = aws_s3_bucket.aws_logs.id
 acl = var.s3_bucket_acl
 depends_on = [aws_s3_bucket_ownership_controls.aws_logs]
diff --git a/variables.tf b/variables.tf
index d591b87..e66e35f 100644
--- a/variables.tf
+++ b/variables.tf
@@ -17,7 +17,7 @@ variable "noncurrent_version_retention" {
 variable "s3_bucket_acl" {
 description = "Set bucket ACL per [AWS S3 Canned ACL]() list."
- default = "log-delivery-write"
+ default = null
 type = string
 }
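Review bot: The new `count` guard on `aws_s3_bucket_acl.aws_logs` skips the resource only when `s3_bucket_acl` is null; nothing stops a caller from setting an ACL while `object_ownership` stays at the README's default `"BucketOwnerEnforced"`, a combination S3 is expected to reject at apply time because ACLs are disabled under that setting. A plan-time check would surface this earlier, for example a `precondition` in the resource's `lifecycle` block with `condition = var.object_ownership != "BucketOwnerEnforced"` (this needs a Terraform version that supports preconditions). The release notes should also mention that callers who relied on the old default will see this resource planned for destroy; as far as I know the AWS provider only drops `aws_s3_bucket_acl` from state on destroy without resetting the ACL, so an existing log-delivery grant would stay on the bucket unmanaged. The resource block's closing brace lies outside the hunk.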
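Review bot: `s3_bucket_acl` in variables.tf still accepts any string, so a caller can pass a public canned ACL such as `public-read` to a bucket that holds AWS logs, and the description does not say what the new `null` default means. Consider a `validation` block that allows only the values a log bucket needs, e.g. `condition = var.s3_bucket_acl == null ? true : contains(["private", "log-delivery-write"], var.s3_bucket_acl)`, and extend the description with a sentence such as `Leave null (default) to create no bucket ACL resource.` Whether other canned ACLs must stay accepted for existing callers is not visible from this hunk, so the allow-list should be confirmed before it is enforced.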