Description Drift Detected for test-drift-04 in plat-ue2-sandbox
Plan: 8 to add, 0 to change, 0 to destroy. atmos terraform plan test-drift-04 -s plat-ue2-sandbox + module.s3_bucket.aws_s3_bucket.default[0]+ module.s3_bucket.aws_s3_bucket_acl.default[0]+ module.s3_bucket.aws_s3_bucket_lifecycle_configuration.default[0]+ module.s3_bucket.aws_s3_bucket_ownership_controls.default[0]+ module.s3_bucket.aws_s3_bucket_policy.default[0]+ module.s3_bucket.aws_s3_bucket_public_access_block.default[0]+ module.s3_bucket.aws_s3_bucket_server_side_encryption_configuration.default[0]+ module.s3_bucket.aws_s3_bucket_versioning.default[0]Terraform Plan Summary
# module.s3_bucket.data.aws_iam_policy_document.aggregated_policy[0] will be read during apply# (config refers to values not yet known)<= data "aws_iam_policy_document" "aggregated_policy" {
+ id = + json = + override_policy_documents = + jsonencode (
{
+ Version = " 2012-10-17" + source_policy_documents = + (known after apply),
]
}
# module.s3_bucket.data.aws_iam_policy_document.bucket_policy[0] will be read during apply# (config refers to values not yet known)<= data "aws_iam_policy_document" "bucket_policy" {
+ id = + json = + statement {
+ actions = + " s3:PutObject" + effect = " Deny" + resources = + (known after apply),
]
+ sid = " DenyIncorrectEncryptionHeader" + condition {
+ test = " StringNotEquals" + values = + " AES256" + variable = " s3:x-amz-server-side-encryption" + principals {
+ identifiers = + " *" + type = " *" + statement {
+ actions = + " s3:PutObject" + effect = " Deny" + resources = + (known after apply),
]
+ sid = " DenyUnEncryptedObjectUploads" + condition {
+ test = " Null" + values = + " true" + variable = " s3:x-amz-server-side-encryption" + principals {
+ identifiers = + " *" + type = " *" + statement {
+ actions = + " s3:*" + effect = " Deny" + resources = + (known after apply),
+ (known after apply),
]
+ sid = " ForceSSLOnlyAccess" + condition {
+ test = " Bool" + values = + " false" + variable = " aws:SecureTransport" + principals {
+ identifiers = + " *" + type = " *" # module.s3_bucket.aws_s3_bucket.default[0] will be created+ resource "aws_s3_bucket" "default" {
+ acceleration_status = + acl = + arn = + bucket = " cptest-plat-ue2-sandbox-test-drift-04-19" + bucket_domain_name = + bucket_prefix = + bucket_regional_domain_name = + force_destroy = false
+ hosted_zone_id = + id = + object_lock_enabled = false
+ policy = + region = + request_payer = + tags = + " Environment" " ue2" + " Name" " cptest-plat-ue2-sandbox-test-drift-04-19" + " Namespace" " cptest" + " Stage" " sandbox" + " Tenant" " plat" + tags_all = + " Environment" " ue2" + " Name" " cptest-plat-ue2-sandbox-test-drift-04-19" + " Namespace" " cptest" + " Stage" " sandbox" + " Tenant" " plat" + website_domain = + website_endpoint = # module.s3_bucket.aws_s3_bucket_acl.default[0] will be created+ resource "aws_s3_bucket_acl" "default" {
+ acl = " private" + bucket = + id = # module.s3_bucket.aws_s3_bucket_lifecycle_configuration.default[0] will be created+ resource "aws_s3_bucket_lifecycle_configuration" "default" {
+ bucket = + id = + rule {
+ id = " default" + status = " Enabled" + abort_incomplete_multipart_upload {
+ days_after_initiation = 90
}
+ filter {
}
+ transition {
+ days = 730
+ storage_class = " GLACIER" # module.s3_bucket.aws_s3_bucket_ownership_controls.default[0] will be created+ resource "aws_s3_bucket_ownership_controls" "default" {
+ bucket = + id = + rule {
+ object_ownership = " ObjectWriter" # module.s3_bucket.aws_s3_bucket_policy.default[0] will be created+ resource "aws_s3_bucket_policy" "default" {
+ bucket = + id = + policy = # module.s3_bucket.aws_s3_bucket_public_access_block.default[0] will be created+ resource "aws_s3_bucket_public_access_block" "default" {
+ block_public_acls = true
+ block_public_policy = true
+ bucket = + id = + ignore_public_acls = true
+ restrict_public_buckets = true
}
# module.s3_bucket.aws_s3_bucket_server_side_encryption_configuration.default[0] will be created+ resource "aws_s3_bucket_server_side_encryption_configuration" "default" {
+ bucket = + id = + rule {
+ bucket_key_enabled = false
+ apply_server_side_encryption_by_default {
+ sse_algorithm = " AES256" # module.s3_bucket.aws_s3_bucket_versioning.default[0] will be created+ resource "aws_s3_bucket_versioning" "default" {
+ bucket = + id = + versioning_configuration {
+ mfa_delete = + status = " Suspended" : 8 to add, 0 to change, 0 to destroy.
Changes to Outputs:
~ bucket_arn = " arn:aws:s3:::cptest-plat-ue2-sandbox-test-drift-04-17" - > (known after apply)
~ bucket_domain_name = " cptest-plat-ue2-sandbox-test-drift-04-17.s3.amazonaws.com" - > (known after apply)
~ bucket_id = " cptest-plat-ue2-sandbox-test-drift-04-17" - > (known after apply)
~ bucket_region = " us-east-2" - > (known after apply)
~ bucket_regional_domain_name = " cptest-plat-ue2-sandbox-test-drift-04-17.s3.us-east-2.amazonaws.com" - > (known after apply) Metadata
{
"component" : " test-drift-04" "stack" : " plat-ue2-sandbox" "componentPath" : " components/terraform/s3-bucket" "commitSHA" : " 82710d1ad13aaa9ceb18fe44b040b7dcadbdb7bc" Related
Reactions are currently unavailable
You can’t perform that action at this time.
Drift Detected for
test-drift-04inplat-ue2-sandboxPlan: 8 to add, 0 to change, 0 to destroy.
To reproduce this locally, run:
Create
Terraform Plan Summary
Metadata
{ "component": "test-drift-04", "stack": "plat-ue2-sandbox", "componentPath": "components/terraform/s3-bucket", "commitSHA": "82710d1ad13aaa9ceb18fe44b040b7dcadbdb7bc" }Related