Skip to content

Commit c3ad15b

Browse files
svevangsvevang
authored
Add bucket for datalake (#879)
* Add bucket for datalake * Bucket is not versioned
1 parent 623b270 commit c3ad15b

File tree

1 file changed

+53
-2
lines changed

1 file changed

+53
-2
lines changed

spire/templates/apps/augury.yml

Lines changed: 53 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -240,7 +240,6 @@ Resources:
240240
- s3:Get*
241241
- s3:ListBucket
242242
- s3:ListBucketMultipartUploads
243-
- s3:ListBucketVersions
244243
Effect: Allow
245244
Resource: !Ref AdFilesS3BucketArn
246245
Sid: AllowBucketActions
@@ -250,12 +249,32 @@ Resources:
250249
- s3:ListMultipartUploadParts
251250
- s3:PutObject
252251
- s3:PutObjectAcl
253-
- s3:PutObjectVersionAcl
254252
Effect: Allow
255253
Resource: !Sub ${AdFilesS3BucketArn}/*
256254
Sid: AllowObjectActions
257255
Version: "2012-10-17"
258256
PolicyName: S3UploadAccess
257+
- PolicyDocument:
258+
Statement:
259+
- Action:
260+
- s3:Get*
261+
- s3:ListBucket
262+
- s3:ListBucketMultipartUploads
263+
Effect: Allow
264+
Resource: !GetAtt ForecastsDataLakeBucket.Arn
265+
Sid: AllowDataLakeBucketActions
266+
- Action:
267+
- s3:AbortMultipartUpload
268+
- s3:DeleteObject
269+
- s3:Get*
270+
- s3:ListMultipartUploadParts
271+
- s3:PutObject
272+
- s3:PutObjectAcl
273+
Effect: Allow
274+
Resource: !Sub ${ForecastsDataLakeBucket.Arn}/*
275+
Sid: AllowDataLakeObjectActions
276+
Version: "2012-10-17"
277+
PolicyName: ForecastsDataLakeBucket
259278
Tags:
260279
- { Key: prx:meta:tagging-version, Value: "2021-04-07" }
261280
- { Key: prx:cloudformation:stack-name, Value: !Ref AWS::StackName }
@@ -453,6 +472,10 @@ Resources:
453472
Value: !If [IsProduction, Augury Production, Augury Staging]
454473
- Name: BQ_DATASET
455474
Value: !If [IsProduction, production, staging]
475+
- Name: DATALAKE_URI
476+
Value: !Sub s3://${ForecastsDataLakeBucket}
477+
- Name: DATALAKE_AWS_REGION
478+
Value: !Ref AWS::Region
456479
- Name: SLOW_WORKER_RELAY_SQS_URL
457480
Value: !Ref SlowWorkerRelaySqsQueue
458481
- Name: SLACK_SNS_TOPIC
@@ -620,6 +643,10 @@ Resources:
620643
Value: !If [IsProduction, Augury Production, Augury Staging]
621644
- Name: BQ_DATASET
622645
Value: !If [IsProduction, production, staging]
646+
- Name: DATALAKE_URI
647+
Value: !Sub s3://${ForecastsDataLakeBucket}
648+
- Name: DATALAKE_AWS_REGION
649+
Value: !Ref AWS::Region
623650
- Name: SLOW_WORKER_RELAY_SQS_URL
624651
Value: !Ref SlowWorkerRelaySqsQueue
625652
- Name: SLACK_SNS_TOPIC
@@ -696,6 +723,26 @@ Resources:
696723
- { Key: prx:dev:application, Value: Augury }
697724
TaskRoleArn: !GetAtt TaskRole.Arn
698725

726+
ForecastsDataLakeBucket:
727+
Type: AWS::S3::Bucket
728+
DeletionPolicy: Retain
729+
UpdateReplacePolicy: Retain
730+
Properties:
731+
PublicAccessBlockConfiguration:
732+
BlockPublicAcls: true
733+
BlockPublicPolicy: true
734+
IgnorePublicAcls: true
735+
RestrictPublicBuckets: true
736+
Tags:
737+
- { Key: prx:meta:tagging-version, Value: "2021-04-07" }
738+
- { Key: prx:cloudformation:stack-name, Value: !Ref AWS::StackName }
739+
- { Key: prx:cloudformation:stack-id, Value: !Ref AWS::StackId }
740+
- { Key: prx:cloudformation:root-stack-name, Value: !Ref RootStackName }
741+
- { Key: prx:cloudformation:root-stack-id, Value: !Ref RootStackId }
742+
- { Key: prx:ops:environment, Value: !Ref EnvironmentType }
743+
- { Key: prx:dev:family, Value: Dovetail }
744+
- { Key: prx:dev:application, Value: Augury }
745+
699746
S3SigningUser:
700747
Type: AWS::IAM::User
701748
Properties:
@@ -1048,6 +1095,10 @@ Resources:
10481095
Value: !If [IsProduction, Augury Production, Augury Staging]
10491096
- Name: BQ_DATASET
10501097
Value: !If [IsProduction, production, staging]
1098+
- Name: DATALAKE_URI
1099+
Value: !Sub s3://${ForecastsDataLakeBucket}
1100+
- Name: DATALAKE_AWS_REGION
1101+
Value: !Ref AWS::Region
10511102
- Name: SLACK_SNS_TOPIC
10521103
Value: !Ref SlackMessageRelaySnsTopicArn
10531104
- Name: SLACK_CHANNEL_ID

0 commit comments

Comments
 (0)