From 0c70e68c37ef86c1f02d7e0ec5da53dabe1bc2c5 Mon Sep 17 00:00:00 2001
From: Austin Wise <wisea@google.com>
Date: Sat, 2 Jul 2022 12:37:51 -0700
Subject: [PATCH] Document that S3 ACLs must be enabled

When using the web GUI to create a bucket, both AWS S3 and GCS have
ACLs disabled by default.
---
 content/en/admin/config.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/content/en/admin/config.md b/content/en/admin/config.md
index 68c0f75d..6f3ff4d4 100644
--- a/content/en/admin/config.md
+++ b/content/en/admin/config.md
@@ -554,6 +554,8 @@ You must serve the files with CORS headers, otherwise some functions of Mastodon
 
 {{< page-ref page="admin/optional/object-storage" >}}
 
+The bucket must support access control lists (ACLs). For AWS S3, this means setting the "Object Ownership" setting to "ACLs enabled". For Google Cloud Storage, this means setting the "Access control" setting to "Fine-grained".
+
 #### `S3_ENABLED`
 
 #### `S3_REGION`