sts: put_object with bucket-owner-full-control

some session policy tests try get_object() after put_object() to test
differences between session- and role policy, but put_object() adds ACLs
that already grant access for get_object(). set canned acl
'bucket-owner-full-control' on put_object() so that get_object()
permissions rely solely on policy

Signed-off-by: Casey Bodley <[email protected]>

Author: cbodley

s3tests/functional/test_sts.py

@@ -1081,7 +1081,7 @@ def test_session_policy_bucket_policy_role_arn():
                 region_name='',
                 )
     bucket_body = 'this is a test file'
-    s3_put_obj = s3_client.put_object(Body=bucket_body, Bucket=bucket_name_1, Key="test-1.txt")
+    s3_put_obj = s3_client.put_object(Body=bucket_body, Bucket=bucket_name_1, Key="test-1.txt", ACL='bucket-owner-full-control')
     assert s3_put_obj['ResponseMetadata']['HTTPStatusCode'] == 200
 
     try:
@@ -1157,7 +1157,7 @@ def test_session_policy_bucket_policy_session_arn():
                 region_name='',
                 )
     bucket_body = 'this is a test file'
-    s3_put_obj = s3_client.put_object(Body=bucket_body, Bucket=bucket_name_1, Key="test-1.txt")
+    s3_put_obj = s3_client.put_object(Body=bucket_body, Bucket=bucket_name_1, Key="test-1.txt", ACL='bucket-owner-full-control')
     assert s3_put_obj['ResponseMetadata']['HTTPStatusCode'] == 200