Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

S3 Bucket policy update behavior #594

Closed
dlpzx opened this issue Jul 24, 2023 · 2 comments
Closed

S3 Bucket policy update behavior #594

dlpzx opened this issue Jul 24, 2023 · 2 comments
Labels
priority: medium status: in-progress This issue has been picked and is being implemented type: question Further information is requested

Comments

@dlpzx
Copy link
Contributor

dlpzx commented Jul 24, 2023

For imported Datasets, data.all does not create an S3 Bucket policy. We want to know what would happen if:

  • we add a baseline bucket policy in the dataset stack that has a baseline policy (bucket-policy-1) This is useful to add baseline bucket policies, for example ensuring secure transport
  • we import an S3 Bucket that has a bucket policy (bucket-policy-0)

Is our bucket-policy-1 going to replace bucket-policy-0? or is it going to give errors?
@dlpzx dlpzx added type: question Further information is requested status: in-progress This issue has been picked and is being implemented priority: medium labels Jul 24, 2023
@mourya-33
Copy link
Contributor

Hi @dlpzx ,The original policy on the bucket is overwritten by the policy from the data.all stack.

Test steps:

  1. Create bucket with a bucket policy - bucket-policy-0
  2. Import the bucket to data.all
  3. Data.all will deploy the cloudformation stack to import the bucket and add bucket policy for HTTPs - bucket-policy-1
  4. Once the stack completes, verify the bucket policy. The policy will now be bucket-policy-1 instead of the original bucket-policy-0

@dlpzx
Copy link
Contributor Author

dlpzx commented Aug 2, 2023

Thanks @mourya-33 for having a look, very valuable for #284 :)

@dlpzx dlpzx closed this as completed Aug 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
priority: medium status: in-progress This issue has been picked and is being implemented type: question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dlpzx @mourya-33