Skip to content

Instantly share code, notes, and snippets.

@phstc phstc/create-users.ts
Last active Dec 19, 2018

Embed
What would you like to do?
aws-cdk script for provisioning users + s3 buckets
/*
For deploying it:
Install aws-cdk: https://github.com/awslabs/aws-cdk then
npm run build
cdk deploy
*/
import cdk = require('@aws-cdk/cdk')
import s3 = require('@aws-cdk/aws-s3')
import { User, Group } from '@aws-cdk/aws-iam'
import { Bucket, BucketEncryption } from '@aws-cdk/aws-s3'
const USERS = ['pablo']
export class UsersStack extends cdk.Stack {
constructor(parent: cdk.App, name: string, _props?: cdk.StackProps) {
super(parent, name)
const group = this.createGroup()
USERS.forEach(userName => {
const user = this.createUser(userName)
group.addUser(user)
this.createBucket(userName)
})
}
createGroup(): Group {
// all users are created as administrators in a Dev AWS account,
// so that they can play with all AWS services
const group = new Group(this, 'Developers', { groupName: 'Developers' })
group.attachManagedPolicy('arn:aws:iam::aws:policy/AdministratorAccess')
return group
}
createUser(userName: string): User {
// give them console access
const user = new User(this, userName, {
userName,
password: 'temporary-password',
passwordResetRequired: true
})
return user
}
createBucket(name: string) {
// create a named bucket per user
const bucketName = `${name}-company`
const bucket = new Bucket(this, bucketName, {
encryption: BucketEncryption.S3Managed,
bucketName
})
const bucketResource = bucket.findChild(
'Resource'
) as s3.cloudformation.BucketResource
bucketResource.propertyOverrides.corsConfiguration = {
corsRules: [
{
allowedMethods: ['GET'],
allowedOrigins: ['*'],
maxAge: 3000,
allowedHeaders: ['Authorization']
}
]
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.