This repository has been archived by the owner on May 9, 2023. It is now read-only.
forked from Tokyo-Metro-Gov/covid19
-
Notifications
You must be signed in to change notification settings - Fork 14
S3関連の環境用意 #135
Comments
|
以下の名前でIAMユーザーのアクセスキー、シークレットアクセスキーを設定してください。
釈迦に説法だと思いますが、下記のようなIAMユーザーの権限でお願いします。 バケットは開発用、本番用で2つあればいいかな? |
対応遅くなってスミマセン、今週末見ます〜 |
CDKでやってみた結果 $ cdk deploy
This deployment will make potentially sensitive changes according to your current security approval level (--require-approval broadening).
Please confirm you intend to make the following modifications:
IAM Statement Changes
┌───┬────────────────────────┬────────┬────────────────────────┬─────────────────────────┬───────────┐
│ │ Resource │ Effect │ Action │ Principal │ Condition │
├───┼────────────────────────┼────────┼────────────────────────┼─────────────────────────┼───────────┤
│ + │ arn:aws:s3:::stopcovid │ Allow │ s3:DeleteObject │ AWS:${stopcovid19-hamam │ │
│ │ 19-hamamatsu-developme │ │ s3:GetBucketLocation │ atsu-developer} │ │
│ │ nt │ │ s3:GetObject │ │ │
│ │ arn:aws:s3:::stopcovid │ │ s3:ListBucket │ │ │
│ │ 19-hamamatsu-developme │ │ s3:PutObject │ │ │
│ │ nt/* │ │ │ │ │
└───┴────────────────────────┴────────┴────────────────────────┴─────────────────────────┴───────────┘
(NOTE: There may be security-related changes not in this list. See https://github.com/aws/aws-cdk/issues/1299)
Do you wish to deploy these changes (y/n)? y
Stopcovid19UsersStack: deploying...
Stopcovid19UsersStack: creating CloudFormation changeset...
1/8 | 22:06:42 | CREATE_COMPLETE | AWS::IAM::Policy | AllowS3BucketAccess (AllowS3BucketAccess0F0A9D34)
2/8 | 22:07:03 | CREATE_COMPLETE | AWS::IAM::User | jacoyutorius (jacoyutorius6BFD5474)
3/8 | 22:07:04 | CREATE_COMPLETE | AWS::IAM::User | euledge (euledgeD2ED370F)
3/8 | 22:07:05 | CREATE_IN_PROGRESS | AWS::IAM::AccessKey | jacoyutoriusKey
3/8 | 22:07:06 | CREATE_IN_PROGRESS | AWS::IAM::AccessKey | euledgeKey
3/8 | 22:07:06 | CREATE_IN_PROGRESS | AWS::IAM::AccessKey | jacoyutoriusKey Resource creation Initiated
4/8 | 22:07:06 | CREATE_COMPLETE | AWS::IAM::AccessKey | jacoyutoriusKey
4/8 | 22:07:06 | CREATE_IN_PROGRESS | AWS::IAM::AccessKey | euledgeKey Resource creation Initiated
5/8 | 22:07:07 | CREATE_COMPLETE | AWS::IAM::AccessKey | euledgeKey
6/8 | 22:07:08 | CREATE_COMPLETE | AWS::CloudFormation::Stack | Stopcovid19UsersStack
✅ Stopcovid19UsersStack
Outputs:
Stopcovid19UsersStack.jacoyutoriusSecretAccessKey = ****************
Stopcovid19UsersStack.euledgeSecretAccessKey = ****************
Stopcovid19UsersStack.euledgeAccessKey = ****************
Stopcovid19UsersStack.jacoyutoriusAccessKey = ****************
Stack ARN:
arn:aws:cloudformation:ap-northeast-1:865422985541:stack/Stopcovid19UsersStack/4bb8a410-8175-11ea-a9bd-0e3b3e43d478
**************************************************
*** Newer version of CDK is available [1.33.0] ***
*** Upgrade recommended ***
************************************************** |
@euledge とりあえず以下のキーはsecretsに設定しました。ほかこちらで設定するところあります?
|
用意してもらったバケットは |
そうですね、本番用は必要になったら作ろうかと思ってますー |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
改善詳細 / Details of Improvement
主にeuledgeさん用。
将来的なAWS以降のための検証環境として以下を用意する。
The text was updated successfully, but these errors were encountered: