Skip to content

Commit

Permalink
DOP-4359: add LanguagesBucket for s3 (#1016)
Browse files Browse the repository at this point in the history
* add LanguagesBucket for s3

* add docs-languages bucket to cdk-infra list
  • Loading branch information
mmeigs authored Mar 25, 2024
1 parent f75b3fc commit 0480b71
Show file tree
Hide file tree
Showing 3 changed files with 45 additions and 3 deletions.
1 change: 1 addition & 0 deletions cdk-infra/utils/buckets.ts
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ export const docsBucketNames = [
'docs-go',
'docs-java',
'docs-node',
'docs-languages',
] as const;

interface CustomBucketProps {
Expand Down
43 changes: 43 additions & 0 deletions infrastructure/ecs-main/buckets.yml
Original file line number Diff line number Diff line change
Expand Up @@ -174,6 +174,19 @@ Resources:
IndexDocument: index.html
ErrorDocument: ${self:custom.site.errorDoc.${self:provider.stage}, null}

LanguagesBucket:
Type: "AWS::S3::Bucket"
Properties:
PublicAccessBlockConfiguration:
BlockPublicAcls: false
BlockPublicPolicy: false
IgnorePublicAcls: false
RestrictPublicBuckets: false
BucketName: ${self:custom.languagesBucketName}
WebsiteConfiguration:
IndexDocument: index.html
ErrorDocument: ${self:custom.site.errorDoc.${self:provider.stage}, null}

DocsBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Expand Down Expand Up @@ -415,3 +428,33 @@ Resources:
Action: 's3:PutObject'
Resource:
- Fn::Join: ['', [{ "Fn::GetAtt": ["CSharpBucket", "Arn" ] }, '/*']]

LanguagesBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket:
Ref: LanguagesBucket
PolicyDocument:
Statement:
- Sid: PublicReadGetObject
Effect: Allow
Principal: "*"
Action:
- s3:GetObject
Resource:
- Fn::Join: ['', [{ "Fn::GetAtt": ["LanguagesBucket", "Arn" ] }, '/*']]
- Effect: Allow
Principal:
AWS: arn:aws:iam::${aws:accountId}:role/docs-archive-job-${self:provider.stage}-batch
Action:
- 's3:GetObject'
- 's3:ListBucket'
Resource:
- Fn::Join: ['', [{ "Fn::GetAtt": ["LanguagesBucket", "Arn" ] }, '/*']]
- Fn::Join: ['', [{ "Fn::GetAtt": ["LanguagesBucket", "Arn" ] }]]
- Effect: Allow
Principal:
AWS: arn:aws:iam::${aws:accountId}:role/docs-deploy-job-${self:provider.stage}-batch
Action: 's3:PutObject'
Resource:
- Fn::Join: ['', [{ "Fn::GetAtt": ["LanguagesBucket", "Arn" ] }, '/*']]
4 changes: 1 addition & 3 deletions infrastructure/ecs-main/serverless.yml
Original file line number Diff line number Diff line change
Expand Up @@ -121,11 +121,9 @@ custom:
cSharpBucketName: docs-csharp-${self:provider.stage}
cSharpIntgrBucketName: docs-csharp-dev
goBucketName: docs-go-${self:provider.stage}
goIntgrBucketName: docs-go-intgr
javaBucketName: docs-java-${self:provider.stage}
javaIntgrBucketName: docs-java-intgr
nodeBucketName: docs-node-${self:provider.stage}
nodeIntgrBucketName: docs-node-intgr
languagesBucketName: docs-languages-${self:provider.stage}
jobCollection: ${ssm:/env/${self:provider.stage}/docs/worker_pool/atlas/collections/job/queue}
repoBranchesCollection: ${ssm:/env/${self:provider.stage}/docs/worker_pool/atlas/collections/repo}
docsetsCollection: ${ssm:/env/${self:provider.stage}/docs/worker_pool/atlas/collections/docsets}
Expand Down

0 comments on commit 0480b71

Please sign in to comment.