diff --git a/UPGRADING.rst b/UPGRADING.rst index 0c68dc8c35..e0ec5587e1 100644 --- a/UPGRADING.rst +++ b/UPGRADING.rst @@ -42,16 +42,6 @@ a deployment just before pushing the merge commit to the GitLab instance in that deployment. -#5043 S3 server access logs are inherently incomplete -===================================================== - -Operator -~~~~~~~~ - -Manually deploy the ``shared`` component of any main deployment just before -pushing the merge commit to the GitLab instance in that deployment. - - #5133 Trigger an alarm on absence of logs ========================================= diff --git a/terraform/shared/shared.tf.json.template.py b/terraform/shared/shared.tf.json.template.py index 4536d2f0a8..6ff7371ac0 100644 --- a/terraform/shared/shared.tf.json.template.py +++ b/terraform/shared/shared.tf.json.template.py @@ -350,15 +350,7 @@ def conformance_pack(name: str) -> str: 'enable_log_file_validation': True, 'is_multi_region_trail': True, 'cloud_watch_logs_group_arn': '${aws_cloudwatch_log_group.trail.arn}:*', - 'cloud_watch_logs_role_arn': '${aws_iam_role.trail.arn}', - 'event_selector': { - 'read_write_type': 'All', - 'include_management_events': True, - 'data_resource': { - 'type': 'AWS::S3::Object', - 'values': ['arn:aws:s3'] - } - } + 'cloud_watch_logs_role_arn': '${aws_iam_role.trail.arn}' } }, 'aws_cloudwatch_log_group': {