[stable-5] [backport/1511] s3_bucket - Ensure public_access settings are configured before policies #1512
Conversation
…ies (ansible-collections#1511) s3_bucket - Ensure public_access settings are configured before policies SUMMARY At the end of April Amazon updated various S3 bucket defaults. Buckets now have public_access blocked by default, and object_owner set to "BucketOwnerEnforced". https://aws.amazon.com/blogs/aws/heads-up-amazon-s3-security-changes-are-coming-in-april-of-2023/ This uncovered a race condition where we set the policy before setting the public_access configs. ISSUE TYPE Bugfix Pull Request COMPONENT NAME s3_bucket ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis
Docs Build 📝Thank you for contribution!✨ This PR has been merged and your docs changes will be incorporated when they are next published. |
|
Build succeeded. ✔️ ansible-galaxy-importer SUCCESS in 3m 30s |
|
Build succeeded (gate pipeline). ✔️ ansible-galaxy-importer SUCCESS in 3m 45s |
softwarefactory-project-zuul
bot
merged commit fcf0df4
into
ansible-collections:stable-5
SUMMARY Add rendered Changelog to the docs site ISSUE TYPE - Docs Pull Request COMPONENT NAME README.md docs/docsite/extra-docs.yml docs/docsite/rst/CHANGELOG.rst ADDITIONAL INFORMATION Related to ansible-community/community-team#61
Manual backport of #1511
SUMMARY
At the end of April Amazon updated various S3 bucket defaults. Buckets now have public_access blocked by default, and object_owner set to "BucketOwnerEnforced". https://aws.amazon.com/blogs/aws/heads-up-amazon-s3-security-changes-are-coming-in-april-of-2023/ This uncovered a race condition where we set the policy before setting the public_access configs
ISSUE TYPE
COMPONENT NAME
s3_bucket
ADDITIONAL INFORMATION