Relatively recently in version 4.56.0, a change was added to add the `object_canned_acl` config to `aws_s3` and set the default to `private`.
Since 2023 the default setting for new S3 buckets has been to set the "bucket owner enforced" policy, which disables ACLs altogether. Thus I think the default behavior should be to not set an ACL or have the default be `bucket-owner-full-control`.
Setting an ACL means that the upload will break in certain situations. I believe that the 'private' ACL works for buckets in the same account since the API basically ignores it. However, for buckets in other accounts this fails. This change led to an unfortunate situation where we were suddenly unable to push files to a client's bucket because we had upgraded the version of redpanda-connect from <4.56 to 4.86.
From the doc string on the UploadObjectInput ACL field:
```go
// If the bucket that you're uploading objects to uses the bucket owner enforced
// setting for S3 Object Ownership, ACLs are disabled and no longer affect
// permissions. Buckets that use this setting only accept PUT requests that don't
// specify an ACL or PUT requests that specify bucket owner full control ACLs, such
// as the bucket-owner-full-control canned ACL or an equivalent form of this ACL
// expressed in the XML format. PUT requests that contain other ACLs (for example,
// custom grants to certain Amazon Web Services accounts) fail and return a 400
// error with the error code AccessControlListNotSupported . For more information,
// see [Controlling ownership of objects and disabling ACLs]in the Amazon S3 User Guide.
```
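
The rule in the doc string above, as an added example that is not part of the original issue and is not redpanda-connect or AWS SDK code. `ownerEnforcedBucket` and `putObject` are hypothetical names, and the handler is a constructed, simplified stand-in for the cross-account bucket case described in the report: it shows that sending `x-amz-acl` only when a canned ACL is explicitly configured keeps the upload working.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// ownerEnforcedBucket is a constructed stand-in (assumption, not real S3) for a
// bucket using the "bucket owner enforced" setting, following the doc string:
// no ACL or bucket-owner-full-control is accepted, any other ACL gets a 400.
func ownerEnforcedBucket(w http.ResponseWriter, r *http.Request) {
	acl := r.Header.Get("x-amz-acl")
	if acl != "" && acl != "bucket-owner-full-control" {
		w.WriteHeader(http.StatusBadRequest)
		fmt.Fprint(w, `<Error><Code>AccessControlListNotSupported</Code></Error>`)
		return
	}
	w.WriteHeader(http.StatusOK)
}

// putObject (hypothetical helper) issues a PUT and sets x-amz-acl only when
// cannedACL is non-empty, so an unset config value never puts an ACL on the wire.
// It returns the HTTP status and the S3-style error code, if any.
func putObject(bucket http.HandlerFunc, key, cannedACL string) (int, string) {
	req := httptest.NewRequest(http.MethodPut, "/"+key, strings.NewReader("payload"))
	if cannedACL != "" {
		req.Header.Set("x-amz-acl", cannedACL)
	}
	rec := httptest.NewRecorder()
	bucket(rec, req) // handler is called in-process; no network is used
	var e struct {
		Code string `xml:"Code"`
	}
	_ = xml.Unmarshal(rec.Body.Bytes(), &e) // empty success body leaves Code ""
	return rec.Code, e.Code
}

func main() {
	// Constructed sample inputs: unset ACL, the accepted canned ACL, and "private".
	for _, acl := range []string{"", "bucket-owner-full-control", "private"} {
		status, code := putObject(ownerEnforcedBucket, "exports/report.csv", acl)
		fmt.Printf("acl=%q status=%d code=%q\n", acl, status, code)
	}
}
```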