@phstc
Last active May 3, 2021 04:06
aws-cdk script for provisioning users + s3 buckets
/*
For deploying it:
Install aws-cdk: https://github.com/awslabs/aws-cdk then
npm run build
cdk deploy
*/
import cdk = require('@aws-cdk/cdk')
import s3 = require('@aws-cdk/aws-s3')
import { User, Group } from '@aws-cdk/aws-iam'
import { Bucket, BucketEncryption } from '@aws-cdk/aws-s3'

// one IAM user and one S3 bucket are created per entry
const USERS = ['pablo']

export class UsersStack extends cdk.Stack {
  constructor(parent: cdk.App, name: string, _props?: cdk.StackProps) {
    super(parent, name)
    const group = this.createGroup()
    USERS.forEach(userName => {
      const user = this.createUser(userName)
      group.addUser(user)
      this.createBucket(userName)
    })
  }

  createGroup(): Group {
    // all users are created as administrators in a Dev AWS account,
    // so that they can play with all AWS services
    // (AdministratorAccess is account-wide: only use this in an isolated dev account)
    const group = new Group(this, 'Developers', { groupName: 'Developers' })
    group.attachManagedPolicy('arn:aws:iam::aws:policy/AdministratorAccess')
    return group
  }

  createUser(userName: string): User {
    // give them console access
    // NOTE: this literal is shared by every user and is written into the
    // synthesized CloudFormation template; passwordResetRequired forces a
    // change at first sign-in
    const user = new User(this, userName, {
      userName,
      password: 'temporary-password',
      passwordResetRequired: true
    })
    return user
  }

  createBucket(name: string) {
    // create a named bucket per user
    const bucketName = `${name}-company`
    const bucket = new Bucket(this, bucketName, {
      encryption: BucketEncryption.S3Managed,
      bucketName
    })
    // reach the underlying CloudFormation resource to set the CORS rules
    const bucketResource = bucket.findChild(
      'Resource'
    ) as s3.cloudformation.BucketResource
    // any origin may send cross-origin GET requests with an Authorization
    // header; CORS grants no access by itself, IAM and bucket policy still apply
    bucketResource.propertyOverrides.corsConfiguration = {
      corsRules: [
        {
          allowedMethods: ['GET'],
          allowedOrigins: ['*'],
          maxAge: 3000,
          allowedHeaders: ['Authorization']
        }
      ]
    }
  }
}
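
A pre-deploy check for the three settings this stack relies on (AdministratorAccess, a literal console password, wildcard CORS), written against the CloudFormation template shape. This is an added example, not part of the gist: auditTemplate and SAMPLE_TEMPLATE are hypothetical names, and the sample template is constructed by hand rather than taken from a real synth run.

```typescript
// Added example, not from the gist. SAMPLE_TEMPLATE is constructed by hand;
// real CDK logical IDs carry generated suffixes.
type Resource = { Type: string; Properties?: Record<string, any> }
type Template = { Resources: Record<string, Resource> }

function auditTemplate(template: Template): string[] {
  const findings: string[] = []
  Object.keys(template.Resources).forEach(id => {
    const res = template.Resources[id]
    const props: Record<string, any> = res.Properties || {}
    if (res.Type === 'AWS::IAM::Group' || res.Type === 'AWS::IAM::User') {
      const arns: any[] = props.ManagedPolicyArns || []
      const isAdmin = (a: any) =>
        typeof a === 'string' && /:policy\/AdministratorAccess$/.test(a)
      if (arns.some(isAdmin)) findings.push(`${id}: AdministratorAccess attached`)
    }
    if (res.Type === 'AWS::IAM::User' && props.LoginProfile) {
      const login = props.LoginProfile
      // A plain string here is readable by anyone who can read the template.
      if (typeof login.Password === 'string') {
        findings.push(`${id}: literal console password in template`)
      }
      if (login.PasswordResetRequired !== true) {
        findings.push(`${id}: password reset not enforced`)
      }
    }
    if (res.Type === 'AWS::S3::Bucket') {
      const cors = props.CorsConfiguration || {}
      const rules: any[] = cors.CorsRules || []
      const anyOrigin = (r: any) => (r.AllowedOrigins || []).indexOf('*') !== -1
      if (rules.some(anyOrigin)) findings.push(`${id}: CORS allows any origin`)
    }
  })
  return findings
}

const SAMPLE_TEMPLATE: Template = { Resources: {
  Developers: { Type: 'AWS::IAM::Group', Properties: {
    ManagedPolicyArns: ['arn:aws:iam::aws:policy/AdministratorAccess'] } },
  pablo: { Type: 'AWS::IAM::User', Properties: { UserName: 'pablo',
    LoginProfile: { Password: 'temporary-password', PasswordResetRequired: true } } },
  pablocompany: { Type: 'AWS::S3::Bucket', Properties: { BucketName: 'pablo-company',
    CorsConfiguration: { CorsRules: [{ AllowedMethods: ['GET'], AllowedOrigins: ['*'] }] } } }
} }

auditTemplate(SAMPLE_TEMPLATE).forEach(f => console.log(f))
```

Policy ARNs or passwords expressed as CloudFormation intrinsics (objects rather than strings) are not flagged as literals by this check.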