-
Notifications
You must be signed in to change notification settings - Fork 106
Create, Config and Maintain S3 Bucket
Login to cloud.gov
cf login -sso
Target space
cf target -s <space_name>
Setting space permissions
cf set-space-role <email> <org> <space> <app_space_role>
Create public bucket
cf create-service s3 basic-public <service_name>
Create service keys
cf create-service-key <service_name> <my_service_key>
Return JSON of keys
cf service-key <service_name> <my_service_key>
Set up credentials locally to login
export AWS_ACCESS_KEY_ID="<insert_key_id_here>"
export AWS_SECRET_ACCESS_KEY="<insert_secret_access_key_here>"
export BUCKET_NAME="insert_bucket_name"
export AWS_DEFAULT_REGION="insert_region"
Download the CORS policy from the bucket to local
aws s3api put-bucket-cors --bucket $BUCKET_NAME --cors-configuration file://cors.json
Adjust the downloaded CORS AllowedOrigins to known locations. In this case, we are opening up GET in order to allow anyone to view the website.
{
"CORSRules": [
{
"AllowedOrigins": ["*"],
"AllowedHeaders": ["*"],
"AllowedMethods": ["HEAD", "GET"],
"ExposeHeaders": ["ETag"]
}
]
}
Upload files
aws s3 cp cors.json s3://${BUCKET_NAME}/
Set up bucket as a website
aws s3 website s3://${BUCKET_NAME}/ --region us-gov-west-1 --index-document index.html --error-document error.html
Website will be accessible through this URL construct
http://<bucket_name>.s3-website-<region>.amazonaws.com/
Config AWS CLI on local
aws configure
AWS Access Key ID: xxxxxxxxxx1f74
AWS Secret Access Key: xxxxxxxxxx
Default region name: us-gov-west-1
Default output format : json
List legal document files
aws s3 ls s3://cg-xxxxxxxxxxx1f74/legal/
Remove one legal document pdf file
aws s3 rm s3://cg-xxxxxxxxxxx1f74/legal/murs/xxxx/xxxx_01.pdf