This message was deleted.
# generals
sparse-intern-71089
06/08/2023, 5:46 PMThis message was deleted.
b
billowy-army-68599
06/08/2023, 5:48 PM
hey Harrison, We can definitely help. Can you provide more information about the changes you’re seeing ?
a
acoustic-lawyer-27551
06/08/2023, 5:49 PMsure! to start the newer deployment has the s3 bucket ‘Block public access’ turned on where the old has it turned off
acoustic-lawyer-27551
06/08/2023, 5:50 PMand there is also ‘Object Ownership’ which is set to bucket owner enforced instead of ‘Object writer’
acoustic-lawyer-27551
06/08/2023, 5:50 PMthere may be others that I haven’t discovered
b
billowy-army-68599
06/08/2023, 5:53 PM
can you share code? screenshots? anything that could help us debug?
a
acoustic-lawyer-27551
06/08/2023, 5:53 PMhere is what we have for the bucket:
Copy code
export const appAssetsBucket = new aws.s3.Bucket(`${config.commonName}-assets`, {
acl: "private",
tags: Object.assign({ Name: `${config.commonName}-assets` }, commonTags)
});acoustic-lawyer-27551
06/08/2023, 5:55 PMtrying to remove and readd now
b
billowy-army-68599
06/08/2023, 5:56 PM
ah, this is an account level setting defined by AWS
https://aws.amazon.com/about-aws/whats-new/2022/12/amazon-s3-automatically-enable-block-public-access-disable-access-control-lists-buckets-april-2023/
This is being rolled out through AWS accounts and it looks like one of your accounts has it, one does not. That’s out of Pulumi’s control
If you wish to have different settings, you need to define them with:
https://www.pulumi.com/registry/packages/aws/api-docs/s3/bucketpublicaccessblock/
https://www.pulumi.com/registry/packages/aws/api-docs/s3/bucketownershipcontrols/
👍 1
a
acoustic-lawyer-27551
06/08/2023, 5:57 PMawesome! that’s a good place to start looking down
acoustic-lawyer-27551
06/08/2023, 5:57 PMappreciate the point in the right direction @billowy-army-68599. Will try that out and see how it goes
3 Views