diff --git a/infrastructure/dogfood/terraform/aws/firehose.tf b/infrastructure/dogfood/terraform/aws/firehose.tf
index ed224b8cee..6875c6ab46 100644
--- a/infrastructure/dogfood/terraform/aws/firehose.tf
+++ b/infrastructure/dogfood/terraform/aws/firehose.tf
@@ -42,13 +42,6 @@ resource "aws_s3_bucket" "osquery-status" { #tfsec:ignore:aws-s3-encryption-cust
   bucket = var.osquery_status_s3_bucket
   acl    = "private"
 
-  lifecycle_rule {
-    enabled = true
-    expiration {
-      days = 1
-    }
-  }
-
   server_side_encryption_configuration {
     rule {
       apply_server_side_encryption_by_default {
@@ -58,6 +51,18 @@ resource "aws_s3_bucket" "osquery-status" { #tfsec:ignore:aws-s3-encryption-cust
   }
 }
 
+resource "aws_s3_bucket_lifecycle_configuration" "osquery-status" {
+  bucket = aws_s3_bucket.osquery-status.id
+
+  rule {
+    id     = "rule-1"
+    status = "Enabled"
+    expiration {
+      days = 1
+    }
+  }
+}
+
 resource "aws_s3_bucket_public_access_block" "osquery-status" {
   bucket                  = aws_s3_bucket.osquery-status.id
   block_public_acls       = true
@@ -153,4 +158,4 @@ resource "aws_kinesis_firehose_delivery_stream" "osquery_status" {
     role_arn   = aws_iam_role.firehose-status.arn
     bucket_arn = aws_s3_bucket.osquery-status.arn
   }
-}
\ No newline at end of file
+}