Revert "[u] Fix: S3 server access logs are inherently incomplete (#5043…

…, PR #5230)" This reverts commit befd490, reversing changes made to b954f7d.
DataBiosphere · May 24, 2023 · 75a01ee · 75a01ee
1 parent befd490
commit 75a01ee
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 19 deletions.
diff --git a/UPGRADING.rst b/UPGRADING.rst
@@ -42,16 +42,6 @@ a deployment just before pushing the merge commit to the GitLab instance in that
 deployment.
 
 
-#5043 S3 server access logs are inherently incomplete
-=====================================================
-
-Operator
-~~~~~~~~
-
-Manually deploy the ``shared`` component of any main deployment just before
-pushing the merge commit to the GitLab instance in that deployment.
-
-
 #5133 Trigger an alarm on absence of logs
 =========================================
 

diff --git a/terraform/shared/shared.tf.json.template.py b/terraform/shared/shared.tf.json.template.py
@@ -350,15 +350,7 @@ def conformance_pack(name: str) -> str:
                 'enable_log_file_validation': True,
                 'is_multi_region_trail': True,
                 'cloud_watch_logs_group_arn': '${aws_cloudwatch_log_group.trail.arn}:*',
-                'cloud_watch_logs_role_arn': '${aws_iam_role.trail.arn}',
-                'event_selector': {
-                    'read_write_type': 'All',
-                    'include_management_events': True,
-                    'data_resource': {
-                        'type': 'AWS::S3::Object',
-                        'values': ['arn:aws:s3']
-                    }
-                }
+                'cloud_watch_logs_role_arn': '${aws_iam_role.trail.arn}'
             }
         },
         'aws_cloudwatch_log_group': {