

Add CloudFront AccessLevel.READ_VERSIONED
This allows creating an S3 bucket origin OriginAccessControl for access of versioned objects

Fixes aws#33034
matthiasgubler committed Jan 21, 2025
1 parent a928748 commit c87c348
Showing 5 changed files with 490 additions and 336 deletions.
@@ -0,0 +1,24 @@
import * as cloudfront from 'aws-cdk-lib/aws-cloudfront';
import * as s3 from 'aws-cdk-lib/aws-s3';
import * as cdk from 'aws-cdk-lib';
import * as origins from 'aws-cdk-lib/aws-cloudfront-origins';
import { ExpectedResult, IntegTest } from '@aws-cdk/integ-tests-alpha';

const app = new cdk.App();

const stack = new cdk.Stack(app, 'cloudfront-s3-bucket-origin-oac-read-versioned-access');

const bucket = new s3.Bucket(stack, 'Bucket', {
removalPolicy: cdk.RemovalPolicy.DESTROY,
});
origins.S3BucketOrigin.withOriginAccessControl(bucket, {
originAccessLevels: [cloudfront.AccessLevel.READ, cloudfront.AccessLevel.READ_VERSIONED],
});

const integ = new IntegTest(app, 's3-origin-oac-read-versioned-access', {
testCases: [stack],
});

integ.assertions.awsApiCall('S3', 'getBucketPolicy', {
Bucket: bucket.bucketName,
}).expect(ExpectedResult.objectLike({ Statement: [{ Action: ['s3:GetObject', 's3:GetObjectVersion'] }] }));
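Review bot: The origin returned by `S3BucketOrigin.withOriginAccessControl(...)` is discarded and the stack never creates a `cloudfront.Distribution`, so the bucket policy this test asserts on is probably never synthesized; as far as I know the OAC statement is only added to the bucket policy when the origin is bound to a distribution. Keep the return value and attach it, e.g. `const origin = origins.S3BucketOrigin.withOriginAccessControl(bucket, { ... });` followed by `new cloudfront.Distribution(stack, 'Distribution', { defaultBehavior: { origin } });`. Separately, `getBucketPolicy` returns the policy document as a JSON string under `Policy`, so `ExpectedResult.objectLike({ Statement: [...] })` is unlikely to match the response; match on the `Policy` field instead (for example with `Match.serializedJson`, if this integ-tests version provides it). Since `s3:GetObjectVersion` lets the distribution serve noncurrent object versions, the assertion should also pin the `cloudfront.amazonaws.com` service principal and the `AWS:SourceArn` condition rather than only the action list, so a regression that widens the grant is caught.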