You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I think the option to set "encryption: none" in the s3_bucket module is no longer supported by AWS per https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html. We were using this until recently when it started failing with a confusing "Bucket encryption failed to apply in the expected time" error for an existing bucket because AWS has seemingly been slowly enabling AES256 on all existing unencrypted buckets.
build 01-Mar-2023 19:45:53 redirecting (type: modules) ansible.builtin.s3_bucket to amazon.aws.s3_bucket
build 01-Mar-2023 19:46:56 fatal: [localhost]: FAILED! => changed=false
build 01-Mar-2023 19:46:56 live_encryption:
build 01-Mar-2023 19:46:56 SSEAlgorithm: AES256
build 01-Mar-2023 19:46:56 msg: Bucket encryption failed to apply in the expected time
build 01-Mar-2023 19:46:56 requested_encryption: null
Amazon have indeed dropped support for disabling encryption.
We merged a change yesterday which will reflect this: #1395
The docs have been updated to reflect this, however, since we (sort-of) support various S3 compatible services we've left the code in place to handle it.
Summary
I think the option to set "encryption: none" in the s3_bucket module is no longer supported by AWS per https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html. We were using this until recently when it started failing with a confusing "Bucket encryption failed to apply in the expected time" error for an existing bucket because AWS has seemingly been slowly enabling AES256 on all existing unencrypted buckets.
Issue Type
Bug Report
Component Name
s3_bucket
Ansible Version
Collection Versions
AWS SDK versions
Configuration
$ ansible-config dump --only-changed
OS / Environment
No response
Steps to Reproduce
Expected Results
Expected task to succeed, but failed with a timeout error due to breaking AWS changes.
Actual Results
Code of Conduct
The text was updated successfully, but these errors were encountered: