diff --git a/README.md b/README.md
index 98705a0c1..efd0ef60d 100644
--- a/README.md
+++ b/README.md
@@ -58,7 +58,7 @@ jobs:
1. [AWS Route53 Domains and Certificates](#aws-route53-domains-and-certificate-inputs)
1. [Load Balancer](#load-balancer-inputs-classic-elb)
1. [Application Load Balancer Inputs (ALB)](#application-load-balancer-inputs-alb)
-1. [WAF](#waf)
+1. [WAF](#waf-inputs)
1. [EFS](#efs-inputs)
1. [RDS](#rds-inputs)
1. [Amazon Aurora Inputs](#aurora-inputs)
@@ -220,17 +220,20 @@ The following inputs can be used as `step.with` keys
| `aws_alb_app_port` | String | Comma-separated list of application ports for ALB target group. If none defined, will use `aws_alb_listen_port` ones. |
| `aws_alb_app_protocol` | String | Comma-separated list of protocols for ALB target group (HTTP/HTTPS). Defaults to `HTTP`. |
| `aws_alb_listen_port` | String | Comma-separated list of listener ports for ALB. Depending on certificate, defaults to `80` or `443`. |
-| `aws_alb_listen_protocol` | String | Comma-separated list of listener protocols for ALB (HTTP/HTTPS). Defaults to Depending on certificate, defaults to `HTTP` or `HTTPS`. |
+| `aws_alb_listen_protocol` | String | Comma-separated list of listener protocols for ALB (HTTP/HTTPS). Depending on certificate, defaults to `HTTP` or `HTTPS`. |
| `aws_alb_redirect_enable` | Boolean | Enable HTTP to HTTPS redirection on ALB. Defaults to `false` |
| `aws_alb_www_to_apex_redirect` | Boolean | Enable www to apex domain redirection on ALB. Defaults to `false` |
| `aws_alb_healthcheck_path` | String | Health check path for ALB target group. Defaults to `"/"` |
| `aws_alb_healthcheck_protocol` | String | Health check protocol for ALB target group. Defaults to `"HTTP"` |
| `aws_alb_ssl_policy` | String | SSL policy for HTTPS listeners. More [here](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html) |
+| `aws_alb_access_log_enabled` | Boolean | Enable ALB access logs. |
+| `aws_alb_access_log_bucket_name` | String | S3 bucket name to store the ALB access logs. Defaults to `${aws_resource_identifier}-lb`. **Bucket will be deleted if stack is destroyed.** |
+| `aws_alb_access_log_expire` | String | Delete the access logs after this amount of days. Defaults to `90`. Set to `0` in order to disable this policy. |
| `aws_alb_additional_tags`| String | A list of strings that will be added to created resources. Example: `{"key1": "value1", "key2": "value2"}`. Default `"{}"` |
-#### **WAF**
+#### **WAF Inputs**
| Name | Type | Description |
|------------------|---------|------------------------------------|
| `aws_waf_enable` | Boolean | Enable WAF for load balancer (LB only - NOT ELB). Default is `false` |
diff --git a/operations/_scripts/deploy/deploy.sh b/operations/_scripts/deploy/deploy.sh
index 0c6884ef7..651dfe146 100755
--- a/operations/_scripts/deploy/deploy.sh
+++ b/operations/_scripts/deploy/deploy.sh
@@ -36,8 +36,8 @@ export GITHUB_IDENTIFIER_SS="$($GITHUB_ACTION_PATH/operations/_scripts/generate/
# Generate buckets identifiers and check them agains AWS Rules
export TF_STATE_BUCKET="$(/bin/bash $GITHUB_ACTION_PATH/operations/_scripts/generate/generate_buckets_identifiers.sh tf | xargs)"
/bin/bash $GITHUB_ACTION_PATH/operations/_scripts/deploy/check_bucket_name.sh $TF_STATE_BUCKET
-export AWS_ELB_ACCESS_LOG_BUCKET_NAME="$(/bin/bash $GITHUB_ACTION_PATH/operations/_scripts/generate/generate_buckets_identifiers.sh lb | xargs)"
-/bin/bash $GITHUB_ACTION_PATH/operations/_scripts/deploy/check_bucket_name.sh $AWS_ELB_ACCESS_LOG_BUCKET_NAME
+#export AWS_ELB_ACCESS_LOG_BUCKET_NAME="$(/bin/bash $GITHUB_ACTION_PATH/operations/_scripts/generate/generate_buckets_identifiers.sh lb | xargs)"
+#/bin/bash $GITHUB_ACTION_PATH/operations/_scripts/deploy/check_bucket_name.sh $AWS_ELB_ACCESS_LOG_BUCKET_NAME
# Generate the provider.tf file
/bin/bash $GITHUB_ACTION_PATH/operations/_scripts/generate/generate_provider.sh
diff --git a/operations/_scripts/generate/generate_buckets_identifiers.sh b/operations/_scripts/generate/generate_buckets_identifiers.sh
index 9f6403c1e..07a3bb97f 100755
--- a/operations/_scripts/generate/generate_buckets_identifiers.sh
+++ b/operations/_scripts/generate/generate_buckets_identifiers.sh
@@ -19,7 +19,7 @@ case $1 in
;;
lb)
- # Generate AWS_ELB_ACCESS_LOG_BUCKET_NAME ID
+ # Generate AWS_ELB_ACCESS_LOG_BUCKET_NAME ID - # Not in use anymore
# Add trailing id depending on name length - See AWS S3 bucket naming rules
if [[ ${#GITHUB_IDENTIFIER} < 59 ]]; then
AWS_ELB_ACCESS_LOG_BUCKET_NAME="${GITHUB_IDENTIFIER}-logs"
diff --git a/operations/deployment/terraform/aws/bitovi_main.tf b/operations/deployment/terraform/aws/bitovi_main.tf
index f0fa878f0..8045aa9b4 100644
--- a/operations/deployment/terraform/aws/bitovi_main.tf
+++ b/operations/deployment/terraform/aws/bitovi_main.tf
@@ -109,7 +109,7 @@ module "aws_elb" {
aws_elb_listen_port = var.aws_elb_listen_port
aws_elb_listen_protocol = var.aws_elb_listen_protocol
aws_elb_healthcheck = var.aws_elb_healthcheck
- aws_elb_access_log_bucket_name = var.aws_elb_access_log_bucket_name
+ aws_elb_access_log_bucket_name = var.aws_elb_access_log_bucket_name != "" ? var.aws_elb_access_log_bucket_name : ( length(var.aws_resource_identifier) < 59 ? "${var.aws_resource_identifier}-logs" : "${var.aws_resource_identifier}-lg" )
aws_elb_access_log_expire = var.aws_elb_access_log_expire
# EC2
aws_instance_server_az = [module.vpc.preferred_az]
@@ -144,7 +144,7 @@ module "aws_lb" {
aws_alb_ssl_policy = var.aws_alb_ssl_policy
# Logging
aws_alb_access_log_enabled = var.aws_alb_access_log_enabled
- aws_alb_access_log_bucket_name = var.aws_alb_access_log_bucket_name
+ aws_alb_access_log_bucket_name = var.aws_alb_access_log_bucket_name != "" ? var.aws_alb_access_log_bucket_name : "${var.aws_resource_identifier}-lb"
aws_alb_access_log_expire = var.aws_alb_access_log_expire
# EC2
aws_vpc_selected_id = module.vpc.aws_selected_vpc_id