Notes to Self

Alex Sokolsky's Notes on Computers and Programming

S3 Best Practices

Disable ACL

See Controlling Object Ownership on why bucket policy should be used instead of bucket ACL.

From How to disable S3 bucket ACLs:

resource "aws_s3_bucket" "test" {
  bucket = "s3test.example.org"
}

resource "aws_s3_bucket_ownership_controls" "test" {
  bucket = aws_s3_bucket.test.id

  rule {
    object_ownership = "BucketOwnerEnforced"
  }
}

Also: Disable bucket ACL(s) in a given AWS account.