@seasketch/geoprocessing/dist/scripts/aws/buckets.js

Geoprocessing and reporting framework for SeaSketch 2.0

import { RemovalPolicy } from "aws-cdk-lib";
import { BlockPublicAccess, Bucket } from "aws-cdk-lib/aws-s3";
export const createPublicBuckets = (stack) => {
    const buckets = {
        result: undefined,
        dataset: new Bucket(stack, `GpDatasetBucket`, {
            bucketName: `gp-${stack.props.projectName}-datasets`,
            versioned: false,
            blockPublicAccess: new BlockPublicAccess({
                blockPublicPolicy: false,
                blockPublicAcls: false,
                restrictPublicBuckets: false,
                ignorePublicAcls: false,
            }),
            publicReadAccess: true,
            cors: [
                {
                    allowedOrigins: ["*"],
                    allowedMethods: ["HEAD", "GET"],
                    allowedHeaders: ["*"],
                    id: "cors-rule",
                    maxAge: 3600,
                },
            ],
            removalPolicy: RemovalPolicy.DESTROY,
            autoDeleteObjects: true,
        }),
    };
    if (stack.getProcessingFunctions().length > 0) {
        buckets.result = new Bucket(stack, `GpResultBucket`, {
            bucketName: `gp-${stack.props.projectName}-results`,
            versioned: false,
            publicReadAccess: false,
            cors: [
                {
                    allowedOrigins: ["*"],
                    allowedMethods: ["HEAD", "GET"],
                    allowedHeaders: ["*"],
                    id: "cors-rule",
                    maxAge: 3600,
                },
            ],
            removalPolicy: RemovalPolicy.DESTROY,
            autoDeleteObjects: true,
        });
    }
    return buckets;
};
/** Setup resource access to buckets */
export const setupBucketFunctionAccess = (stack) => {
    // sync
    for (const syncFunctionWithMeta of stack.getSyncFunctionsWithMeta()) {
        if (stack.publicBuckets.result) {
            stack.publicBuckets.result.grantReadWrite(syncFunctionWithMeta.func);
            syncFunctionWithMeta.func.addEnvironment("resultBucketUrl", stack.publicBuckets.result.urlForObject());
        }
        stack.publicBuckets.dataset.grantRead(syncFunctionWithMeta.func);
        syncFunctionWithMeta.func.addEnvironment("datasetBucketUrl", stack.publicBuckets.dataset.urlForObject());
    }
    // async
    for (const asyncFunctionWithMeta of stack.getAsyncFunctionsWithMeta()) {
        if (stack.publicBuckets.result) {
            stack.publicBuckets.result.grantReadWrite(asyncFunctionWithMeta.startFunc);
            stack.publicBuckets.result.grantReadWrite(asyncFunctionWithMeta.runFunc);
            asyncFunctionWithMeta.runFunc.addEnvironment("resultBucketUrl", stack.publicBuckets.result.urlForObject());
        }
        stack.publicBuckets.dataset.grantRead(asyncFunctionWithMeta.runFunc);
        asyncFunctionWithMeta.runFunc.addEnvironment("datasetBucketUrl", stack.publicBuckets.dataset.urlForObject());
    }
};
//# sourceMappingURL=buckets.js.map