[BUG]

[cdaniluk]

Describe the bug
Timing issue causing terraform apply to fail when creating this module from scratch.

Error: Error creating CloudTrail: InsufficientS3BucketPolicyException: Incorrect S3 bucket policy is detected for bucket: 028266382041-us-east-1-cloudtrail

  on .terraform/modules/cloudtrail-logging/main.tf line 8, in resource "aws_cloudtrail" "trail":
   8: resource "aws_cloudtrail" "trail" {

To Reproduce
Create a new instance of this module. It will fail all or most of the time.

Running a second time resolves the issue.

Expected behavior
Should run on first run every time.

[sblack4]

huh, have you tried setting the dependency block in aws_cloudtrail to the IAM role? Also, should I prioritize this?

[cdaniluk]

uh I didn't mean to assign this to you. It had you suggested as an assignee, but I didn't think that would assign automatically.

Pretty sure it's just a missing dependency though there's a timing issue when you create a bucket policy and public access policy close together in the AWS API, so we might also need to introduce a delay. Whatever the issue, it is definitely not important right now.