-
Notifications
You must be signed in to change notification settings - Fork 5
/
main.py
65 lines (55 loc) · 2.17 KB
/
main.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
#!/usr/bin/env python
from constructs import Construct
from cdktf import App, NamedRemoteWorkspace, TerraformStack, TerraformOutput, RemoteBackend
from cdktf_cdktf_provider_aws import AwsProvider
from cdktf import Fn
from imports.aws import (
s3
)
class MyStack(TerraformStack):
def __init__(self, scope: Construct, ns: str):
super().__init__(scope, ns)
AwsProvider(self, "AWS", region="us-east-1")
BUCKET_NAME = 'cdktf-python-demo-us-east-1'
s3_lifecycle_rule = [
{ "enabled": True, "id": "abort-multipart", "prefix": "/", "abortIncompleteMultipartUploadDays": 7 },
{ "enabled": True, "transition": [{ "days": 30, "storageClass": "STANDARD_IA" }] },
{ "enabled": True, "noncurrentVersionTransition": [{ "days": 30, "storageClass": "STANDARD_IA" }] },
{ "enabled": False, "transition": [{ "days": 90, "storageClass": "ONEZONE_IA" }] },
{ "enabled": False, "noncurrentVersionTransition": [{ "days": 90, "storageClass": "ONEZONE_IA" }] },
{ "enabled": False, "transition": [{ "days": 365, "storageClass": "GLACIER" }] },
{ "enabled": False, "noncurrentVersionTransition": [{ "days": 365, "storageClass": "ONEZONE_IA" }] },
]
s3_tags= {
"Team": "Devops",
"Company": "Your compnay"
}
s3_policy = {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": [
"s3:GetObject"
],
"Resource": [
f"arn:aws:s3:::${BUCKET_NAME}/*"
]
}
]
}
bucket = s3.S3Bucket(self,
id=f"s3-{BUCKET_NAME}",
bucket=f"s3-{BUCKET_NAME}",
lifecycle_rule=s3_lifecycle_rule,
tags=s3_tags,
policy=str(s3_policy)
)
TerraformOutput(self, 'S3 id',value=bucket.id)
TerraformOutput(self, 'S3 arn', value=bucket.arn)
################
app = App()
stack = MyStack(app, "aws")
app.synth()