Unrecognized property 'ownershipControls'

dta · March 21, 2023, 5:33pm

Hi,

I am trying to modify one of the buckets that is attached to the lambda function that my serverless.yml deploys. I am trying to configure the object ownership to be “BucketOwnerPreferred”. Referencing AWS documentation ( AWS::S3::Bucket OwnershipControls - AWS CloudFormation (amazon.com)) I would use the variable “ownershipControls” (lowercase o because I am modifying the property inline and not in the ‘resources’ section).

However, this variable is not recognized. Am I calling it wrong here? Code block is as follows:

provider:
  stage: dev
  name: aws
  profile: ${self:custom.useProfile}
  runtime: nodejs14.x
  s3:
    publicBucket:
      name: ${self:custom.publicBucket}
      publicAccessBlockConfiguration:
        BlockPublicAcls: false
        BlockPublicPolicy: false
        RestrictPublicBuckets: false
      ownershipControls:
          Rules:
            - ObjectOwnership: BucketOwnerEnforced

Any help is greatly appreciated!!

Thank you,
Donny

jim-barber-he · September 27, 2023, 12:01am

Did you manage to solve this?

I’m currently using the latest Serverless version and it dies like so:

Environment: linux, node 16.20.2, framework 3.35.2, plugin 7.0.4, SDK 4.4.0
Credentials: Local, environment variables
Docs:        docs.serverless.com
Support:     forum.serverless.com
Bugs:        github.com/serverless/serverless/issues

Error:
Configuration error at 'provider.s3.staging': unrecognized property 'ownershipControls'

Learn more about configuration validation here: http://slss.io/configuration-validation
ERROR: 1

The relevant part in the provider: section is:

  s3:
    staging:
      name: ${self:custom.stagingBucket}
      publicAccessBlockConfiguration:
        BlockPublicAcls: true
        IgnorePublicAcls: true
        BlockPublicPolicy: true
        RestrictPublicBuckets: true
      bucketEncryption:
        ServerSideEncryptionConfiguration:
          - ServerSideEncryptionByDefault:
              SSEAlgorithm: "AES256"
      ownershipControls:
        Rules:
          - ObjectOwnership: BucketOwnerPreferred

The documentation at https://www.serverless.com/framework/docs/providers/aws/guide/serverless.yml#s3-buckets shows an example like so:

	
provider:
  # If you need to configure the bucket itself, you'll need to add s3 resources to the provider configuration
  s3:
    # Eventual additional properties in camel case
    bucketOne:
      # Supported properties are the same ones as supported by CF resource for S3 bucket
      # See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html
      name: my-custom-bucket-name
      versioningConfiguration:
        Status: Enabled

And the documentation at the link in the example comment takes you to AWS::S3::Bucket OwnershipControls - AWS CloudFormation has the example of:

AWSTemplateFormatVersion: 2010-09-09
Resources:
  S3Bucket:
    Type: 'AWS::S3::Bucket'
    Properties:
      OwnershipControls:
        Rules:
          - ObjectOwnership: BucketOwnerPreferred

So it seems like this should work, but it doesn’t.

If I remove the ownershipControls: section then everything deploys but the Object Ownership on the created bucket is Object writer instead of Bucket owner preferred

Does anyone else know why or how to achieve it?

Topic		Replies	Views
Value of property Variables must be an object with String (or simple type) properties Serverless Framework aws	1	4835	December 20, 2017
Approached unrecognized configuration variable sources: "self", "aws" Serverless Framework variables	3	2698	December 15, 2021
(HELP) Custom variable for ENV always error Serverless Framework variables	0	542	March 5, 2019
Tenant property won't accept a variable Serverless Framework aws , variables	0	510	July 5, 2019
"provider.stage" property is not accessible -- what's changed? Serverless Framework lambda	4	9240	May 2, 2023

Unrecognized property 'ownershipControls'

Related topics