if S3_ACL is empty then will not use ACL in PutObject, fix #785

Author: Slach

ChangeLog.md

@@ -1,6 +1,7 @@
 # v2.4.8
 BUG FIXES
 - fix Object Disks path parsing from config, remove unnecessary "/"
+- if `S3_ACL` is empty then will not use ACL in PutObject, fix [785](https://github.com/Altinity/clickhouse-backup/issues/785) 
 
 # v2.4.7
 BUG FIXES

ReadMe.md

@@ -469,7 +469,10 @@ s3:
   bucket: ""                       # S3_BUCKET
   endpoint: ""                     # S3_ENDPOINT
   region: us-east-1                # S3_REGION
-  acl: private                     # S3_ACL
+  # AWS changed S3 defaults in April 2023 so that all new buckets have ACL disabled: https://aws.amazon.com/blogs/aws/heads-up-amazon-s3-security-changes-are-coming-in-april-of-2023/
+  # They also recommend that ACLs are disabled: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ensure-object-ownership.html
+  # use `acl: ""` if you see "api error AccessControlListNotSupported: The bucket does not allow ACLs"
+  acl: private                     # S3_ACL 
   assume_role_arn: ""              # S3_ASSUME_ROLE_ARN
   force_path_style: false          # S3_FORCE_PATH_STYLE
   path: ""                         # S3_PATH, `system.macros` values can be applied as {macro_name}

pkg/storage/s3.go

@@ -264,12 +264,15 @@ func (s *S3) GetFileReaderWithLocalPath(ctx context.Context, key, localPath stri
 
 func (s *S3) PutFile(ctx context.Context, key string, r io.ReadCloser) error {
 	params := s3.PutObjectInput{
-		ACL:          s3types.ObjectCannedACL(s.Config.ACL),
 		Bucket:       aws.String(s.Config.Bucket),
 		Key:          aws.String(path.Join(s.Config.Path, key)),
 		Body:         r,
 		StorageClass: s3types.StorageClass(strings.ToUpper(s.Config.StorageClass)),
 	}
+	// ACL shall be optional, fix https://github.com/Altinity/clickhouse-backup/issues/785
+	if s.Config.ACL != "" {
+		params.ACL = s3types.ObjectCannedACL(s.Config.ACL)
+	}
 	// https://github.com/Altinity/clickhouse-backup/issues/588
 	if len(s.Config.ObjectLabels) > 0 {
 		tags := ""