Skip to content
This repository has been archived by the owner on Jul 22, 2024. It is now read-only.

Commit

Permalink
fix: add files.pedaki.fr to main policy
Browse files Browse the repository at this point in the history
  • Loading branch information
Vahor committed Dec 25, 2023
1 parent 0eefc19 commit 3df2a05
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 2 deletions.
1 change: 1 addition & 0 deletions aws/policies/pulumi.json
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
"s3:DeleteBucketPolicy"
],
"Resource": [
"arn:aws:s3:::files.pedaki.fr",
"arn:aws:s3:::static.pedaki.fr"
]
},
Expand Down
10 changes: 9 additions & 1 deletion src/aws/resources/files-bucket.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,13 +8,21 @@ export const createFilesBucket = () => {
acl: 'private',
});

const publicAccessBlock = new aws.s3.BucketPublicAccessBlock('publicAccessBlock', {
bucket: bucket.id,
blockPublicAcls: true,
blockPublicPolicy: true,
ignorePublicAcls: true,
restrictPublicBuckets: true,
});

const record = new cloudflare.Record('files.pedaki.fr', {
name: 'files',
type: 'CNAME',
value: bucket.bucketDomainName,
zoneId: env.CLOUDFLARE_ZONE_ID,
proxied: true,
ttl: 1, // TTL must be set to 1 when proxied is true
comment: `Automatically created by Pulumi`,
comment: `pulumi (infrastructure repo)`,
});
};
2 changes: 1 addition & 1 deletion src/aws/resources/static-bucket.ts
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,6 @@ export const createStaticBucket = () => {
zoneId: env.CLOUDFLARE_ZONE_ID,
proxied: true,
ttl: 1, // TTL must be set to 1 when proxied is true
comment: `Automatically created by Pulumi`,
comment: `pulumi (infrastructure repo)`,
});
};

0 comments on commit 3df2a05

Please sign in to comment.