Merge pull request #68 from alinadima/cdk-pipeline

aws4embeddedlinux · Aug 25, 2023 · b59b1cb · b59b1cb
2 parents 9ec7c7c + 112d67e
commit b59b1cb
Show file tree

Hide file tree

Showing 3 changed files with 133 additions and 0 deletions.
diff --git a/demos-pipeline/lib/lib/build-image-data.ts b/demos-pipeline/lib/lib/build-image-data.ts
@@ -37,6 +37,7 @@ export class BuildImageDataStack extends cdk.Stack {
       bucketName,
       versioned: true,
       removalPolicy: cdk.RemovalPolicy.DESTROY,
+      autoDeleteObjects: true,
     });
 
     const dataBucketDeploymentRole = new iam.Role(

diff --git a/demos-pipeline/lib/test/__snapshots__/build-image-data.test.ts.snap b/demos-pipeline/lib/test/__snapshots__/build-image-data.test.ts.snap
@@ -167,11 +167,34 @@ exports[`Build Image Data Snapshot 1`] = `
       },
       "Type": "AWS::IAM::Policy",
     },
+    "BuildImageDataBucketAutoDeleteObjectsCustomResource89CDEC31": {
+      "DeletionPolicy": "Delete",
+      "DependsOn": [
+        "BuildImageDataBucketPolicyBF163C5F",
+      ],
+      "Properties": {
+        "BucketName": {
+          "Ref": "BuildImageDataBucketE6A8BC04",
+        },
+        "ServiceToken": {
+          "Fn::GetAtt": [
+            "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
+            "Arn",
+          ],
+        },
+      },
+      "Type": "Custom::S3AutoDeleteObjects",
+      "UpdateReplacePolicy": "Delete",
+    },
     "BuildImageDataBucketE6A8BC04": {
       "DeletionPolicy": "Delete",
       "Properties": {
         "BucketName": "test-bucket",
         "Tags": [
+          {
+            "Key": "aws-cdk:auto-delete-objects",
+            "Value": "true",
+          },
           {
             "Key": "aws-cdk:cr-owned:19b429dc",
             "Value": "true",
@@ -184,6 +207,57 @@ exports[`Build Image Data Snapshot 1`] = `
       "Type": "AWS::S3::Bucket",
       "UpdateReplacePolicy": "Delete",
     },
+    "BuildImageDataBucketPolicyBF163C5F": {
+      "Properties": {
+        "Bucket": {
+          "Ref": "BuildImageDataBucketE6A8BC04",
+        },
+        "PolicyDocument": {
+          "Statement": [
+            {
+              "Action": [
+                "s3:GetBucket*",
+                "s3:List*",
+                "s3:DeleteObject*",
+              ],
+              "Effect": "Allow",
+              "Principal": {
+                "AWS": {
+                  "Fn::GetAtt": [
+                    "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
+                    "Arn",
+                  ],
+                },
+              },
+              "Resource": [
+                {
+                  "Fn::GetAtt": [
+                    "BuildImageDataBucketE6A8BC04",
+                    "Arn",
+                  ],
+                },
+                {
+                  "Fn::Join": [
+                    "",
+                    [
+                      {
+                        "Fn::GetAtt": [
+                          "BuildImageDataBucketE6A8BC04",
+                          "Arn",
+                        ],
+                      },
+                      "/*",
+                    ],
+                  ],
+                },
+              ],
+            },
+          ],
+          "Version": "2012-10-17",
+        },
+      },
+      "Type": "AWS::S3::BucketPolicy",
+    },
     "CustomCDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C81C01536": {
       "DependsOn": [
         "BuildImageBucketRoleDefaultPolicy39AC1070",
@@ -216,6 +290,62 @@ exports[`Build Image Data Snapshot 1`] = `
       },
       "Type": "AWS::Lambda::Function",
     },
+    "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
+      "DependsOn": [
+        "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
+      ],
+      "Properties": {
+        "Code": {
+          "S3Bucket": "cdk-hnb659fds-assets-111111111111-eu-central-1",
+          "S3Key": "arbitrary-file.zip",
+        },
+        "Description": {
+          "Fn::Join": [
+            "",
+            [
+              "Lambda function for auto-deleting objects in ",
+              {
+                "Ref": "BuildImageDataBucketE6A8BC04",
+              },
+              " S3 bucket.",
+            ],
+          ],
+        },
+        "Handler": "index.handler",
+        "MemorySize": 128,
+        "Role": {
+          "Fn::GetAtt": [
+            "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
+            "Arn",
+          ],
+        },
+        "Runtime": "nodejs16.x",
+        "Timeout": 900,
+      },
+      "Type": "AWS::Lambda::Function",
+    },
+    "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
+      "Properties": {
+        "AssumeRolePolicyDocument": {
+          "Statement": [
+            {
+              "Action": "sts:AssumeRole",
+              "Effect": "Allow",
+              "Principal": {
+                "Service": "lambda.amazonaws.com",
+              },
+            },
+          ],
+          "Version": "2012-10-17",
+        },
+        "ManagedPolicyArns": [
+          {
+            "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
+          },
+        ],
+      },
+      "Type": "AWS::IAM::Role",
+    },
   },
   "Rules": {
     "CheckBootstrapVersion": {

diff --git a/demos-pipeline/lib/test/build-image-data.test.ts b/demos-pipeline/lib/test/build-image-data.test.ts
@@ -5,6 +5,8 @@ import { BuildImageDataStack } from "../lib/build-image-data";
 describe("Build Image Data", () => {
   const props = {
     bucketName: "test-bucket",
+    removalPolicy: cdk.RemovalPolicy.DESTROY,
+    autoDeleteObjects: true,
     env: { account: "111111111111", region: "eu-central-1" },
   };