From c65ff5e23560abfc4e2953b9563bdf13e4fa2f44 Mon Sep 17 00:00:00 2001
From: Bion Johnson <bion@users.noreply.github.com>
Date: Mon, 1 May 2023 04:05:53 -0700
Subject: [PATCH] Set ownership control to BucketOwnerPreferred (#14)

* Set ownership control to BucketOwnerPreferred

* fmt
---
 main.tf | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/main.tf b/main.tf
index 717449e..d660b09 100644
--- a/main.tf
+++ b/main.tf
@@ -13,7 +13,7 @@ resource "random_string" "random" {
 }
 
 resource "aws_s3_bucket" "logs" {
-  bucket = lower("${random_string.random.keepers.name_prefix}-logs-${random_string.random.result}")
+  bucket        = lower("${random_string.random.keepers.name_prefix}-logs-${random_string.random.result}")
   force_destroy = var.s3_bucket_force_destroy
   tags = merge(
     var.tags,
@@ -24,8 +24,17 @@ resource "aws_s3_bucket" "logs" {
 }
 
 resource "aws_s3_bucket_acl" "logs" {
+  bucket     = aws_s3_bucket.logs.id
+  depends_on = [aws_s3_bucket_ownership_controls.logs]
+  acl        = "log-delivery-write"
+}
+
+resource "aws_s3_bucket_ownership_controls" "logs" {
   bucket = aws_s3_bucket.logs.id
-  acl    = "log-delivery-write"
+
+  rule {
+    object_ownership = "BucketOwnerPreferred"
+  }
 }
 
 resource "aws_s3_bucket_server_side_encryption_configuration" "logs" {