BucketOwnerEnforced s3 buckets cant have an acl (#301)

Co-authored-by: Erik Osterman (CEO @ Cloud Posse) <[email protected]>

Author: mfuhrmeisterDM

main.tf

@@ -318,7 +318,7 @@ resource "aws_s3_bucket_cors_configuration" "origin" {
 
 resource "aws_s3_bucket_acl" "origin" {
   depends_on = [aws_s3_bucket_ownership_controls.origin]
-  count      = local.create_s3_origin_bucket ? 1 : 0
+  count      = local.create_s3_origin_bucket && var.s3_object_ownership != "BucketOwnerEnforced" ? 1 : 0
 
   bucket = one(aws_s3_bucket.origin).id
   acl    = "private"