Created
November 3, 2016 13:28
-
-
Save Halama/338a39612ff10f69c0b59a8f3e2c1e25 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"AWSTemplateFormatVersion": "2010-09-09", | |
"Resources": { | |
"S3FilesBucket": { | |
"Type": "AWS::S3::Bucket", | |
"Properties": { | |
"CorsConfiguration": { | |
"CorsRules": [ | |
{ | |
"AllowedHeaders": [ | |
"*" | |
], | |
"AllowedMethods": [ | |
"GET", | |
"PUT", | |
"POST", | |
"DELETE" | |
], | |
"AllowedOrigins": [ | |
"*" | |
], | |
"MaxAge": "3600" | |
} | |
] | |
}, | |
"LifecycleConfiguration": { | |
"Rules": [ | |
{ | |
"Id": "After 180 days to glacier and 270 delete", | |
"Prefix": "exp-180", | |
"ExpirationInDays": 270, | |
"Transition": { | |
"StorageClass": "GLACIER", | |
"TransitionInDays": 180 | |
}, | |
"Status": "Enabled" | |
}, | |
{ | |
"Id": "Delete after 30 days", | |
"Prefix": "exp-30", | |
"ExpirationInDays": 30, | |
"Status": "Enabled" | |
} | |
] | |
}, | |
"Tags": [ | |
{ | |
"Key": "Name", | |
"Value": "keboola-file-storage" | |
} | |
] | |
} | |
}, | |
"User": { | |
"Type": "AWS::IAM::User", | |
"Properties": { | |
"Path": "/", | |
"Policies": [ | |
{ | |
"PolicyName": "S3Access", | |
"PolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Action": [ "s3:*" ], | |
"Resource": [ | |
{ | |
"Fn::Join": [ | |
"", [ "arn:aws:s3:::", { | |
"Ref": "S3FilesBucket" | |
} , "/*" ] | |
] | |
} | |
] | |
}, | |
{ | |
"Sid": "AllowListingOfUserFolder", | |
"Action": [ | |
"s3:ListBucket", | |
"s3:GetBucketLocation" | |
], | |
"Effect": "Allow", | |
"Resource": [ | |
{ | |
"Fn::Join": [ | |
"", | |
[ | |
"arn:aws:s3:::", | |
{ | |
"Ref": "S3FilesBucket" | |
} | |
] | |
] | |
} | |
] | |
} | |
] | |
} | |
}, | |
{ | |
"PolicyName": "STSAccess", | |
"PolicyDocument": { | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"sts:GetFederationToken" | |
], | |
"Resource": [ | |
"*" | |
] | |
} | |
] | |
} | |
} | |
] | |
} | |
} | |
}, | |
"Outputs": { | |
"region": { | |
"Value": { | |
"Ref": "AWS::Region" | |
} | |
}, | |
"filesBucket": { | |
"Value": { | |
"Ref": "S3FilesBucket" | |
} | |
}, | |
"user": { | |
"Value": { | |
"Ref": "User" | |
} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment