Philip Harvey

Hi all, In the API reference: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html It states: Access Control List (ACL)-Specific Request Headers You can use headers to grant ACL- based permissions. By default, all objects are private....

@ncw any thoughts on this? It's not correct to always send an ACL to a S3 backend, hence either this default needs to be changed or a switch added to...

Hi @ncw I guess ACL are not deprecated, apologies, but AWS and GCP both recommend that ACLs not be used. from this page: https://aws.amazon.com/blogs/security/iam-policies-and-bucket-policies-and-acls-oh-my-controlling-access-to-s3-resources/ > "As a general rule, AWS...

I've lost track of what needs to be done to get this merged. I'm still using my own build of rclone with GCS since the public builds are not GCS...

I actually think that if no ACL is passed that no ACL should be set. The default ACL on a new bucket in AWS is private anyway, so no need...

I'm not sure if any other code needs updated to not pass the empty string for the Bucket ACL, or if passing the empty string is fine.

I did not manage to get this working on Windows, I worked around the issue by installing WSL2 and running the Terraform from that.

As a workaround manually add Security Reviewer to the CB SA ([email protected]) at the organization level. I have confirmed this work around works in our environment.

Same issue for PostgreSQL as well. I believe the Issue only occurs for databases that have replicas.

I don't think this is a provider issue, this is a new feature in v4.28.0 that is not yet supported by this module. I think this module needs to set...