Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(cloudfront): s3 origin access control L2 construct #31254

Merged
merged 79 commits into from
Sep 5, 2024

Commits on Aug 25, 2024

  1. wip oac

    gracelu0 authored and gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    cd5f600 View commit details
    Browse the repository at this point in the history
  2. create custom resource to update kms policy

    gracelu0 authored and gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    fee9488 View commit details
    Browse the repository at this point in the history
  3. custom resource for bucket policy

    gracelu0 authored and gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    4ae6627 View commit details
    Browse the repository at this point in the history
  4. Support oac in webDistribution

    gracelu0 authored and gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    dc49ed1 View commit details
    Browse the repository at this point in the history
  5. refactor

    gracelu0 authored and gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    ad28865 View commit details
    Browse the repository at this point in the history
  6. fix undefined distribution id

    gracelu0 authored and gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    98af399 View commit details
    Browse the repository at this point in the history
  7. refactor

    gracelu0 authored and gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    d87681e View commit details
    Browse the repository at this point in the history
  8. Add validation for origin type on OAC

    gracelu0 authored and gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    c9bba82 View commit details
    Browse the repository at this point in the history
  9. Add origin type to oac

    gracelu0 authored and gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    8a4e752 View commit details
    Browse the repository at this point in the history
  10. remove feature flag

    gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    4267b49 View commit details
    Browse the repository at this point in the history
  11. Configuration menu
    Copy the full SHA
    a0529ec View commit details
    Browse the repository at this point in the history
  12. Configuration menu
    Copy the full SHA
    e0a3d37 View commit details
    Browse the repository at this point in the history
  13. Configuration menu
    Copy the full SHA
    1bd7d95 View commit details
    Browse the repository at this point in the history
  14. add unit tests for S3 OAC

    gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    5c16627 View commit details
    Browse the repository at this point in the history
  15. Configuration menu
    Copy the full SHA
    664d2a9 View commit details
    Browse the repository at this point in the history
  16. fix unit test

    gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    62f8c68 View commit details
    Browse the repository at this point in the history
  17. formatting

    gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    012dfc6 View commit details
    Browse the repository at this point in the history
  18. Configuration menu
    Copy the full SHA
    622209a View commit details
    Browse the repository at this point in the history
  19. Configuration menu
    Copy the full SHA
    1f7f792 View commit details
    Browse the repository at this point in the history
  20. Configuration menu
    Copy the full SHA
    d4ac775 View commit details
    Browse the repository at this point in the history
  21. remove custom resource

    gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    a306f53 View commit details
    Browse the repository at this point in the history
  22. fix integ test formatting

    gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    d9376fb View commit details
    Browse the repository at this point in the history
  23. Configuration menu
    Copy the full SHA
    840957d View commit details
    Browse the repository at this point in the history
  24. remove web distribution oac

    gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    632c131 View commit details
    Browse the repository at this point in the history
  25. Configuration menu
    Copy the full SHA
    bbc70e0 View commit details
    Browse the repository at this point in the history
  26. more unit tests for S3BucketOrigin

    samson-keung authored and gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    d835503 View commit details
    Browse the repository at this point in the history
  27. more unit tests for S3BucketOrigin and removed originAccessControlId …

    …prop from origin base
    samson-keung authored and gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    7f51018 View commit details
    Browse the repository at this point in the history
  28. address feedback

    gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    1b9455c View commit details
    Browse the repository at this point in the history
  29. fix unit tests

    gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    903b105 View commit details
    Browse the repository at this point in the history
  30. Configuration menu
    Copy the full SHA
    4c9d719 View commit details
    Browse the repository at this point in the history
  31. Configuration menu
    Copy the full SHA
    affcaf8 View commit details
    Browse the repository at this point in the history
  32. Configuration menu
    Copy the full SHA
    e256724 View commit details
    Browse the repository at this point in the history
  33. add test for imported bucket

    gracelu0 committed Aug 25, 2024
    Configuration menu
    Copy the full SHA
    1de0c6a View commit details
    Browse the repository at this point in the history

Commits on Aug 26, 2024

  1. Configuration menu
    Copy the full SHA
    879fc94 View commit details
    Browse the repository at this point in the history

Commits on Aug 27, 2024

  1. introduce assembleDomainName option in S3BucketOrigin.withOriginAcces…

    …sControl plus unit tests
    samson-keung committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    b08605e View commit details
    Browse the repository at this point in the history
  2. Update README and warning

    gracelu0 committed Aug 27, 2024
    Configuration menu
    Copy the full SHA
    054f24f View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    f5c308c View commit details
    Browse the repository at this point in the history

Commits on Aug 28, 2024

  1. Configuration menu
    Copy the full SHA
    626a8b3 View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    4a8f9c8 View commit details
    Browse the repository at this point in the history
  3. warning wording update

    samson-keung committed Aug 28, 2024
    Configuration menu
    Copy the full SHA
    9449c3c View commit details
    Browse the repository at this point in the history
  4. add unit test for oac permission levels (#31225)

    - add unit test to check the correct permissions are being added if user
    specifies READ/WRITE/DELETE for `originAccessLevels`
    
    ### Checklist
    - [x] My code adheres to the [CONTRIBUTING
    GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and
    [DESIGN
    GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)
    
    ----
    
    *By submitting this pull request, I confirm that my contribution is made
    under the terms of the Apache-2.0 license*
    gracelu0 authored Aug 28, 2024
    Configuration menu
    Copy the full SHA
    f33dffb View commit details
    Browse the repository at this point in the history
  5. Configuration menu
    Copy the full SHA
    dd11f45 View commit details
    Browse the repository at this point in the history
  6. Use wildcard in KMS key policy instead of referencing Distribution to…

    … avoid circular dependency (#31227)
    
    Making the KMS key policy to use wildcard instead on the distribution id
    part instead of referencing the Distribution resource to get the exact
    distribution ID. This breaks the circular dependency in the template.
    gracelu0 authored Aug 28, 2024
    Configuration menu
    Copy the full SHA
    c8eaa3e View commit details
    Browse the repository at this point in the history
  7. Configuration menu
    Copy the full SHA
    8d1f326 View commit details
    Browse the repository at this point in the history
  8. liniting fix

    samson-keung committed Aug 28, 2024
    Configuration menu
    Copy the full SHA
    06b471a View commit details
    Browse the repository at this point in the history

Commits on Aug 29, 2024

  1. Configuration menu
    Copy the full SHA
    516c29f View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    e146ecf View commit details
    Browse the repository at this point in the history
  3. Unit test for using escape hatch to scope down Key Policy (#31246)

    Adding a unit test to make sure user is able to scope down the key
    policy to specific distribution ID via escape hatch.
    gracelu0 authored Aug 29, 2024
    Configuration menu
    Copy the full SHA
    69f10ad View commit details
    Browse the repository at this point in the history
  4. Configuration menu
    Copy the full SHA
    f776aad View commit details
    Browse the repository at this point in the history
  5. update readme

    gracelu0 committed Aug 29, 2024
    Configuration menu
    Copy the full SHA
    5d6d0d4 View commit details
    Browse the repository at this point in the history
  6. add section to README on migrating from OAI to OAC (#31247)

    - add section to README on migrating from OAI to OAC
    - update sections in README for setting up OAI and OAC using imported
    buckets (user needs to manually update the bucket policy)
    - update warnings to match the correct README section title
    gracelu0 authored Aug 29, 2024
    Configuration menu
    Copy the full SHA
    8d37c8d View commit details
    Browse the repository at this point in the history
  7. liniting fixes

    samson-keung committed Aug 29, 2024
    Configuration menu
    Copy the full SHA
    f0f58cd View commit details
    Browse the repository at this point in the history
  8. Liniting fixes (#31256)

    samson-keung authored Aug 29, 2024
    Configuration menu
    Copy the full SHA
    afadeee View commit details
    Browse the repository at this point in the history

Commits on Aug 30, 2024

  1. Configuration menu
    Copy the full SHA
    762e036 View commit details
    Browse the repository at this point in the history
  2. add README section for sse-kms circular dependency workaround (#31262)

    - add README section with steps for user to follow to use escape hatch
    to scope down the key policy
    gracelu0 authored Aug 30, 2024
    Configuration menu
    Copy the full SHA
    54d597e View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    ebfa3fd View commit details
    Browse the repository at this point in the history
  4. snapshot update

    samson-keung committed Aug 30, 2024
    Configuration menu
    Copy the full SHA
    bec0246 View commit details
    Browse the repository at this point in the history

Commits on Sep 3, 2024

  1. OAC encrypted bucket origin integ test (#31270)

    Integration test for usecase where Distribution is linked to a encrypted
    bucket as origin.
    gracelu0 authored Sep 3, 2024
    Configuration menu
    Copy the full SHA
    35dd110 View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    298ffc9 View commit details
    Browse the repository at this point in the history

Commits on Sep 4, 2024

  1. update readme

    gracelu0 committed Sep 4, 2024
    Configuration menu
    Copy the full SHA
    3cab851 View commit details
    Browse the repository at this point in the history
  2. docs: update note on downtime during migration (#31307)

    update note on downtime, 2-step deployment should not cause any downtime
    gracelu0 authored Sep 4, 2024
    Configuration menu
    Copy the full SHA
    9377b09 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    765d37e View commit details
    Browse the repository at this point in the history
  4. clarify standard s3 origin

    gracelu0 committed Sep 4, 2024
    Configuration menu
    Copy the full SHA
    69e2846 View commit details
    Browse the repository at this point in the history
  5. refactor and readme

    gracelu0 committed Sep 4, 2024
    Configuration menu
    Copy the full SHA
    d6ee6b7 View commit details
    Browse the repository at this point in the history
  6. Configuration menu
    Copy the full SHA
    d111eea View commit details
    Browse the repository at this point in the history
  7. Update S3BucketOrigin.withOriginAccessControl class methods to be pri…

    …vate (#31321)
    
    Update methods to be `private` instead of `public` so they are not
    exposed unnecessarily.
    samson-keung authored Sep 4, 2024
    Configuration menu
    Copy the full SHA
    684ed5a View commit details
    Browse the repository at this point in the history
  8. move note to s3 section

    gracelu0 committed Sep 4, 2024
    Configuration menu
    Copy the full SHA
    5d510c5 View commit details
    Browse the repository at this point in the history
  9. Configuration menu
    Copy the full SHA
    070b3d5 View commit details
    Browse the repository at this point in the history
  10. Configuration menu
    Copy the full SHA
    a4a5ef3 View commit details
    Browse the repository at this point in the history
  11. Configuration menu
    Copy the full SHA
    ae53ce3 View commit details
    Browse the repository at this point in the history

Commits on Sep 5, 2024

  1. address feedback

    gracelu0 committed Sep 5, 2024
    Configuration menu
    Copy the full SHA
    405488d View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    d35c6bd View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    912891b View commit details
    Browse the repository at this point in the history
  4. make subclasses private

    gracelu0 committed Sep 5, 2024
    Configuration menu
    Copy the full SHA
    46db428 View commit details
    Browse the repository at this point in the history
  5. Configuration menu
    Copy the full SHA
    3df3b2f View commit details
    Browse the repository at this point in the history
  6. fix linting error

    gracelu0 committed Sep 5, 2024
    Configuration menu
    Copy the full SHA
    81a8a89 View commit details
    Browse the repository at this point in the history
  7. fix integ test

    gracelu0 committed Sep 5, 2024
    Configuration menu
    Copy the full SHA
    d1dc56a View commit details
    Browse the repository at this point in the history
  8. Configuration menu
    Copy the full SHA
    844c234 View commit details
    Browse the repository at this point in the history
  9. Configuration menu
    Copy the full SHA
    3d79694 View commit details
    Browse the repository at this point in the history