# aws
s
This message was deleted.
g
What API are you using? There are `bucket` and `bucketv2` and they can treat policy as a separate object however API can accept it as an input parameter https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html#API_CreateBucket_RequestParameters but `bucketV2` allows policy as a separate object https://www.pulumi.com/registry/packages/aws/api-docs/s3/bucketv2/ however, it can also allow the value directly.
c
(Cliff — we have the same issue. I’m interested in knowing a good way around this also. We don’t have an automated intervention (yet?), but it does generate noise in our alert stream.)
c
@great-sunset-355 We are using `bucketv2`. I believe you can supply the ACL, but not the public access block settings. The ACL policy does not solve the problem though.
g
You may need to tweak your alarm system because there is nothing you can do about it IMO because `PublicAccessPolicyBlock` is a separate object from the bucket https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html and it always needs to wait for the creation of S3 bucket. Btw. Finally, after years, S3 buckets are now private by default, not sure if it helps with though.
c
@great-sunset-355 Yeah I agree with you about that. It likely won't be an issue come April as seen here: https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-s3-automatically-enable-bl[…]ublic-access-disable-access-control-lists-buckets-april-2023/