From 0c5cbd8b95bbb45e98ce8c118dea4310c01ac35b Mon Sep 17 00:00:00 2001
From: Ashleigh Simonelli
Date: Mon, 21 Oct 2024 21:20:53 +0100
Subject: [PATCH] fix: rename buckets (#11481)

* fix: change bucket names
* fix: resolved bucket names
* refactor: change physical name gen method for s3 bucket
---
 .../cdk/lib/create-S3-bucket.ts | 31 ++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)

diff --git a/packages/deployment-service/cdk/lib/create-S3-bucket.ts b/packages/deployment-service/cdk/lib/create-S3-bucket.ts
index fe65cc39d4..e4c506a76f 100644
--- a/packages/deployment-service/cdk/lib/create-S3-bucket.ts
+++ b/packages/deployment-service/cdk/lib/create-S3-bucket.ts
@@ -1,4 +1,5 @@
-import { Stack, Bucket, createBucket, BucketOptions } from '@reapit/ts-scripts/src/cdk'
+import { Stack, Bucket, BucketOptions, PolicyStatement } from '@reapit/ts-scripts/src/cdk'
+import { aws_s3, PhysicalName, aws_iam } from 'aws-cdk-lib'
 
 export enum BucketNames {
 LIVE = 'v2-cloud-deployment-live',
@@ -7,6 +8,34 @@ export enum BucketNames {
 REPO_CACHE = 'v2-cloud-deployment-repo-cache',
 }
 
+export const createBucket = (stack: Stack, bucketName: string, options?: BucketOptions): aws_s3.Bucket => {
+ const bucket = new aws_s3.Bucket(options?.stack || stack, bucketName, {
+ publicReadAccess: options?.public,
+ websiteIndexDocument: options?.public ? 'index.html' : undefined,
+ bucketName: bucketName || PhysicalName.GENERATE_IF_NEEDED,
+ })
+ const actions: string[] = []
+ if (options?.get) {
+ actions.push('s3:Get*')
+ }
+ if (options?.list) {
+ actions.push('s3:List*')
+ }
+ if (options?.put) {
+ actions.push('s3:Put*')
+ }
+
+ bucket.addToResourcePolicy(
+ new PolicyStatement({
+ effect: aws_iam.Effect.ALLOW,
+ actions,
+ resources: [bucket.arnForObjects('*')],
+ principals: [new aws_iam.ArnPrincipal('*')],
+ }),
+ )
+ return bucket
+}
+
 export const createS3Buckets = (stack: Stack, usercodeStack: Stack, envStage: string): Record => {
 const bucketOptions: {
 [k in BucketNames]: BucketOptions
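Review bot: The resource policy added in `createBucket` grants its actions to `new aws_iam.ArnPrincipal('*')`, so a bucket created with `options.put` allows any principal, including unauthenticated callers, to write objects through `s3:Put*`, and `options.get` opens reads the same way regardless of `options.public`. The principal should be supplied by the caller or limited to known identities rather than the wildcard, for example `principals: options?.principals ?? [new aws_iam.AccountRootPrincipal()]`, which would need a new field on `BucketOptions` (its definition is not visible in this hunk). When none of `get`/`list`/`put` is set, `actions` stays empty and the statement is still added, which I would expect to fail policy validation at synth, so the call should sit inside `if (actions.length > 0) { ... }`. Separately, `s3:List*` is attached only to `bucket.arnForObjects('*')`, while bucket listing is authorised against the bucket ARN, so `resources` probably needs `bucket.bucketArn` as well when `list` is requested.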