diff --git a/builtin/providers/aws/resource_aws_s3_bucket.go b/builtin/providers/aws/resource_aws_s3_bucket.go
index dac7d7689..069cb837a 100644
--- a/builtin/providers/aws/resource_aws_s3_bucket.go
+++ b/builtin/providers/aws/resource_aws_s3_bucket.go
@@ -38,7 +38,6 @@ func resourceAwsS3Bucket() *schema.Resource {
 				Type:     schema.TypeString,
 				Default:  "private",
 				Optional: true,
-				ForceNew: true,
 			},
 
 			"policy": &schema.Schema{
@@ -224,6 +223,11 @@ func resourceAwsS3BucketUpdate(d *schema.ResourceData, meta interface{}) error {
 			return err
 		}
 	}
+	if d.HasChange("acl") {
+		if err := resourceAwsS3BucketAclUpdate(s3conn, d); err != nil {
+			return err
+		}
+	}
 
 	return resourceAwsS3BucketRead(d, meta)
 }
@@ -640,6 +644,24 @@ func WebsiteDomainUrl(region string) string {
 	return fmt.Sprintf("s3-website-%s.amazonaws.com", region)
 }
 
+func resourceAwsS3BucketAclUpdate(s3conn *s3.S3, d *schema.ResourceData) error {
+	acl := d.Get("acl").(string)
+	bucket := d.Get("bucket").(string)
+
+	i := &s3.PutBucketAclInput{
+		Bucket: aws.String(bucket),
+		ACL:    aws.String(acl),
+	}
+	log.Printf("[DEBUG] S3 put bucket ACL: %#v", i)
+
+	_, err := s3conn.PutBucketAcl(i)
+	if err != nil {
+		return fmt.Errorf("Error putting S3 ACL: %s", err)
+	}
+
+	return nil
+}
+
 func resourceAwsS3BucketVersioningUpdate(s3conn *s3.S3, d *schema.ResourceData) error {
 	v := d.Get("versioning").(*schema.Set).List()
 	bucket := d.Get("bucket").(string)
diff --git a/builtin/providers/aws/resource_aws_s3_bucket_test.go b/builtin/providers/aws/resource_aws_s3_bucket_test.go
index db134180b..0026775c8 100644
--- a/builtin/providers/aws/resource_aws_s3_bucket_test.go
+++ b/builtin/providers/aws/resource_aws_s3_bucket_test.go
@@ -71,6 +71,37 @@ func TestAccAWSS3Bucket_Policy(t *testing.T) {
 	})
 }
 
+func TestAccAWSS3Bucket_UpdateAcl(t *testing.T) {
+
+	ri := genRandInt()
+	preConfig := fmt.Sprintf(testAccAWSS3BucketConfigWithAcl, ri)
+	postConfig := fmt.Sprintf(testAccAWSS3BucketConfigWithAclUpdate, ri)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSS3BucketDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: preConfig,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSS3BucketExists("aws_s3_bucket.bucket"),
+					resource.TestCheckResourceAttr(
+						"aws_s3_bucket.bucket", "acl", "public-read"),
+				),
+			},
+			resource.TestStep{
+				Config: postConfig,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSS3BucketExists("aws_s3_bucket.bucket"),
+					resource.TestCheckResourceAttr(
+						"aws_s3_bucket.bucket", "acl", "private"),
+				),
+			},
+		},
+	})
+}
+
 func TestAccAWSS3Bucket_Website_Simple(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },
@@ -521,3 +552,17 @@ resource "aws_s3_bucket" "bucket" {
 	}
 }
 `, randInt)
+
+var testAccAWSS3BucketConfigWithAcl = `
+resource "aws_s3_bucket" "bucket" {
+	bucket = "tf-test-bucket-%d"
+	acl = "public-read"
+}
+`
+
+var testAccAWSS3BucketConfigWithAclUpdate = `
+resource "aws_s3_bucket" "bucket" {
+	bucket = "tf-test-bucket-%d"
+	acl = "private"
+}
+`