S3 Logging add option to disable ACL setup #2136
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Docs Build 📝Thank you for contribution!✨ The docsite for this PR is available for download as an artifact from this run: You can compare to the docs for the File changes:
Click to see the diff comparison.NOTE: only file modifications are shown here. New and deleted files are excluded. diff --git a/home/runner/work/community.aws/community.aws/docsbuild/base/collections/community/aws/s3_logging_module.html b/home/runner/work/community.aws/community.aws/docsbuild/head/collections/community/aws/s3_logging_module.html
index a29e09a..26a4fe5 100644
--- a/home/runner/work/community.aws/community.aws/docsbuild/base/collections/community/aws/s3_logging_module.html
+++ b/home/runner/work/community.aws/community.aws/docsbuild/head/collections/community/aws/s3_logging_module.html
@@ -197,6 +197,20 @@ see <a class="reference internal" href="#ansible-collections-community-aws-s3-lo
</div></td>
</tr>
<tr class="row-odd"><td><div class="ansible-option-cell">
+<div class="ansibleOptionAnchor" id="parameter-acl"></div><p class="ansible-option-title" id="ansible-collections-community-aws-s3-logging-module-parameter-acl"><strong>acl</strong></p>
+<a class="ansibleOptionLink" href="#parameter-acl" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
+<p><em class="ansible-option-versionadded">added in community.aws 8.3.0</em></p>
+</div></td>
+<td><div class="ansible-option-cell"><p>Setup target bucket ACLs to grant AWS special log delivery account to write server access logs.</p>
+<p>Setting to False will remove the ACL for log delivery on the target bucket.</p>
+<p class="ansible-option-line"><strong class="ansible-option-choices">Choices:</strong></p>
+<ul class="simple">
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">false</span></code></p></li>
+<li><p><code class="ansible-option-default-bold docutils literal notranslate"><strong><span class="pre">true</span></strong></code> <span class="ansible-option-choices-default-mark">← (default)</span></p></li>
+</ul>
+</div></td>
+</tr>
+<tr class="row-even"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-aws_ca_bundle"></div><p class="ansible-option-title" id="ansible-collections-community-aws-s3-logging-module-parameter-aws-ca-bundle"><strong>aws_ca_bundle</strong></p>
<a class="ansibleOptionLink" href="#parameter-aws_ca_bundle" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">path</span></p>
</div></td>
@@ -204,7 +218,7 @@ see <a class="reference internal" href="#ansible-collections-community-aws-s3-lo
<p>The <code class="docutils literal notranslate"><span class="pre">AWS_CA_BUNDLE</span></code> environment variable may also be used.</p>
</div></td>
</tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-aws_config"></div><p class="ansible-option-title" id="ansible-collections-community-aws-s3-logging-module-parameter-aws-config"><strong>aws_config</strong></p>
<a class="ansibleOptionLink" href="#parameter-aws_config" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">dictionary</span></p>
</div></td>
@@ -212,7 +226,7 @@ see <a class="reference internal" href="#ansible-collections-community-aws-s3-lo
<p>Parameters can be found in the AWS documentation <a class="reference external" href="https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config">https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config</a>.</p>
</div></td>
</tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-debug_botocore_endpoint_logs"></div><p class="ansible-option-title" id="ansible-collections-community-aws-s3-logging-module-parameter-debug-botocore-endpoint-logs"><strong>debug_botocore_endpoint_logs</strong></p>
<a class="ansibleOptionLink" href="#parameter-debug_botocore_endpoint_logs" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
</div></td>
@@ -225,7 +239,7 @@ see <a class="reference internal" href="#ansible-collections-community-aws-s3-lo
</ul>
</div></td>
</tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-endpoint_url"></div>
<div class="ansibleOptionAnchor" id="parameter-ec2_url"></div>
<div class="ansibleOptionAnchor" id="parameter-aws_endpoint_url"></div>
@@ -239,14 +253,14 @@ see <a class="reference internal" href="#ansible-collections-community-aws-s3-lo
<p>Support for the <code class="docutils literal notranslate"><span class="pre">EC2_URL</span></code> environment variable has been deprecated and will be removed in a release after 2024-12-01.</p>
</div></td>
</tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-name"></div><p class="ansible-option-title" id="ansible-collections-community-aws-s3-logging-module-parameter-name"><strong>name</strong></p>
<a class="ansibleOptionLink" href="#parameter-name" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span> / <span class="ansible-option-required">required</span></p>
</div></td>
<td><div class="ansible-option-cell"><p>Name of the s3 bucket.</p>
</div></td>
</tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-profile"></div>
<div class="ansibleOptionAnchor" id="parameter-aws_profile"></div><p class="ansible-option-title" id="ansible-collections-community-aws-s3-logging-module-parameter-profile"><span id="ansible-collections-community-aws-s3-logging-module-parameter-aws-profile"></span><strong>profile</strong></p>
<a class="ansibleOptionLink" href="#parameter-profile" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-aliases">aliases: aws_profile</span></p>
@@ -258,7 +272,7 @@ see <a class="reference internal" href="#ansible-collections-community-aws-s3-lo
<p>The <em>profile</em> option is mutually exclusive with the <em>aws_access_key</em>, <em>aws_secret_key</em> and <em>security_token</em> options.</p>
</div></td>
</tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-region"></div>
<div class="ansibleOptionAnchor" id="parameter-aws_region"></div>
<div class="ansibleOptionAnchor" id="parameter-ec2_region"></div><p class="ansible-option-title" id="ansible-collections-community-aws-s3-logging-module-parameter-region"><span id="ansible-collections-community-aws-s3-logging-module-parameter-ec2-region"></span><span id="ansible-collections-community-aws-s3-logging-module-parameter-aws-region"></span><strong>region</strong></p>
@@ -273,7 +287,7 @@ see <a class="reference internal" href="#ansible-collections-community-aws-s3-lo
<p>Support for the <code class="docutils literal notranslate"><span class="pre">EC2_REGION</span></code> environment variable has been deprecated and will be removed in a release after 2024-12-01.</p>
</div></td>
</tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-secret_key"></div>
<div class="ansibleOptionAnchor" id="parameter-aws_secret_access_key"></div>
<div class="ansibleOptionAnchor" id="parameter-aws_secret_key"></div>
@@ -290,7 +304,7 @@ see <a class="reference internal" href="#ansible-collections-community-aws-s3-lo
<p>Support for the <code class="docutils literal notranslate"><span class="pre">EC2_SECRET_KEY</span></code> environment variable has been deprecated and will be removed in a release after 2024-12-01.</p>
</div></td>
</tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-session_token"></div>
<div class="ansibleOptionAnchor" id="parameter-aws_session_token"></div>
<div class="ansibleOptionAnchor" id="parameter-security_token"></div>
@@ -308,7 +322,7 @@ see <a class="reference internal" href="#ansible-collections-community-aws-s3-lo
<p>Support for the <code class="docutils literal notranslate"><span class="pre">EC2_SECRET_KEY</span></code> and <code class="docutils literal notranslate"><span class="pre">AWS_SECURITY_TOKEN</span></code> environment variables has been deprecated and will be removed in a release after 2024-12-01.</p>
</div></td>
</tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-state"></div><p class="ansible-option-title" id="ansible-collections-community-aws-s3-logging-module-parameter-state"><strong>state</strong></p>
<a class="ansibleOptionLink" href="#parameter-state" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>
@@ -320,14 +334,14 @@ see <a class="reference internal" href="#ansible-collections-community-aws-s3-lo
</ul>
</div></td>
</tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-target_bucket"></div><p class="ansible-option-title" id="ansible-collections-community-aws-s3-logging-module-parameter-target-bucket"><strong>target_bucket</strong></p>
<a class="ansibleOptionLink" href="#parameter-target_bucket" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>
<td><div class="ansible-option-cell"><p>The bucket to log to. Required when state=present.</p>
</div></td>
</tr>
-<tr class="row-even"><td><div class="ansible-option-cell">
+<tr class="row-odd"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-target_prefix"></div><p class="ansible-option-title" id="ansible-collections-community-aws-s3-logging-module-parameter-target-prefix"><strong>target_prefix</strong></p>
<a class="ansibleOptionLink" href="#parameter-target_prefix" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
</div></td>
@@ -335,7 +349,7 @@ see <a class="reference internal" href="#ansible-collections-community-aws-s3-lo
<p class="ansible-option-line"><strong class="ansible-option-default-bold">Default:</strong> <code class="ansible-option-default docutils literal notranslate"><span class="pre">""</span></code></p>
</div></td>
</tr>
-<tr class="row-odd"><td><div class="ansible-option-cell">
+<tr class="row-even"><td><div class="ansible-option-cell">
<div class="ansibleOptionAnchor" id="parameter-validate_certs"></div><p class="ansible-option-title" id="ansible-collections-community-aws-s3-logging-module-parameter-validate-certs"><strong>validate_certs</strong></p>
<a class="ansibleOptionLink" href="#parameter-validate_certs" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">boolean</span></p>
</div></td>
|
|
Build succeeded. ❌ ansible-galaxy-importer FAILURE in 4m 40s (non-voting) |
tremble
requested changes
Aug 31, 2024
abraverm
force-pushed
the
s3_logging_disable_acl
branch
from
3de4354
to
73a972c
Compare
|
Build succeeded. ✔️ ansible-galaxy-importer SUCCESS in 4m 10s (non-voting) |
|
@tremble , I have addressed your comments, but Github continue to say "1 change requested", I'm not sure what refers to. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SUMMARY
Add option
aclto s3_logging for ACL setup on target logging bucket.By default it is enabled, as it was previously, but adds an option to disable this setup.
The option adds and removes the ACL control relevant for S3 logging on the target bucket
This option is in case bucket polices are prefered over ACLs for permission management.
ISSUE TYPE
COMPONENT NAME
s3_logging
ADDITIONAL INFORMATION
If two s3_loggings have been configured with the same logging bucket but with different acl setup, then the result would be determined by execution order.