Gruntwork
April 2023 - S3 ACL Bucket Issues resulting from AWS's S3 security change #701
zackproser
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
What happened?
Amazon S3 rolled out a new policy in April 2023 to disable ACLs on bucket creation. The change was rolled out incrementally across AWS’ global infrastructure. As such, we began seeing tests for modules that use S3 buckets fail intermittently, manifesting in issues similar to this one.
Release link: https://aws.amazon.com/blogs/aws/heads-up-amazon-s3-security-changes-are-coming-in-april-of-2023/
What did Gruntwork do in response?
We have completed patching all of our modules as well as our service catalog to be compatible with this change.
Private S3 bucket module
Our private S3 bucket module has been patched as of version v0.68.0.
Service catalog
Our service catalog is patched from version v0.103.1 on. There were 6 service catalog modules impacted by this change:
networking/alb
services/k8s-service
networking/vpc-mgmt
networking/vpc
mgmt/openvpn-server
services/public-static-website
They are now updated to be compatible with S3's ACL change.
CIS Service catalog
Our CIS service catalog has also been patched as of version v0.45.0.
Reference Architectures
We are close to finishing verifying our patches here as well. We will update this post once we've confirmed that our Reference Architecture product has been successfully patched.
Tracked in ticket #110127
Beta Was this translation helpful? Give feedback.
All reactions