-
Notifications
You must be signed in to change notification settings - Fork 881
/
Copy path__main__.py
55 lines (45 loc) · 1.49 KB
/
__main__.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
import json
import mimetypes
import os
from pulumi import FileAsset, Output, export, ResourceOptions
from pulumi_aws import s3
web_bucket = s3.BucketV2("s3-website-bucket")
web_site = s3.BucketWebsiteConfigurationV2(
"s3-website", bucket=web_bucket.bucket, index_document={"suffix": "index.html"}
)
public_access_block = s3.BucketPublicAccessBlock(
"public-access-block", bucket=web_bucket.id, block_public_acls=False
)
content_dir = "www"
for file in os.listdir(content_dir):
filepath = os.path.join(content_dir, file)
mime_type, _ = mimetypes.guess_type(filepath)
obj = s3.BucketObject(
file, bucket=web_bucket.id, source=FileAsset(filepath), content_type=mime_type
)
def public_read_policy_for_bucket(bucket_name):
return Output.json_dumps(
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": ["s3:GetObject"],
"Resource": [
Output.format("arn:aws:s3:::{0}/*", bucket_name),
],
}
],
}
)
bucket_name = web_bucket.id
bucket_policy = s3.BucketPolicy(
"bucket-policy",
bucket=bucket_name,
policy=public_read_policy_for_bucket(bucket_name),
opts=ResourceOptions(depends_on=[public_access_block]),
)
# Export the name of the bucket
export("bucket_name", web_bucket.id)
export("website_url", web_site.website_endpoint)