Skip to content

chore: update CDK for S3EC-net #14

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rishav-karanjit merged 7 commits into from
Sep 23, 2025
Merged

chore: update CDK for S3EC-net #14

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
38404fe
auto commit
rishav-karanjit Sep 22, 2025
143721c
auto commit
rishav-karanjit Sep 23, 2025
d7de6f1
auto commit
rishav-karanjit Sep 23, 2025
0346f16
auto commit
rishav-karanjit Sep 23, 2025
c385594
auto commit
rishav-karanjit Sep 23, 2025
1c365c9
auto commit
rishav-karanjit Sep 23, 2025
0e6cb7c
auto commit
rishav-karanjit Sep 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions cdk/bin/cdk.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
#!/usr/bin/env node
import 'source-map-support/register';
import * as cdk from 'aws-cdk-lib';
import { S3ECPythonGithub } from '../lib/cdk-stack';

const app = new cdk.App();
new S3ECPythonGithub(app, 'S3ECPythonGithub');
12 changes: 11 additions & 1 deletion cdk/lib/cdk-stack.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,20 +102,27 @@ export class S3ECPythonGithub extends cdk.Stack {
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject",
"s3:DeleteObjectVersion" // For S3EC-NET repo
],
resources: [
S3ECGithubTestS3Bucket.bucketArn + "/*", // object-level permissions need this extra path
S3ECTestServerGithubBucket.bucketArn + "/*", // Add permissions for the new test-server bucket
"arn:aws:s3:::aws-net-sdk-*/*" // permission for object inside S3EC .net bucket. For S3EC-NET repo
],
}),
new PolicyStatement({
effect: Effect.ALLOW,
actions: [
"s3:CreateBucket", // For S3EC-NET repo
"s3:DeleteBucket", // For S3EC-NET repo
"s3:ListBucket",
"s3:ListBucketVersions", // For S3EC-NET repo
"s3:GetBucketAcl" // For S3EC-NET repo
],
resources: [
S3ECGithubTestS3Bucket.bucketArn,
S3ECTestServerGithubBucket.bucketArn, // Add permissions for the new test-server bucket
"arn:aws:s3:::aws-net-sdk-*", // permission for S3EC .net bucket. For S3EC-NET repo
],
}),
]
Expand Down Expand Up @@ -155,7 +162,10 @@ export class S3ECPythonGithub extends cdk.Stack {
"token.actions.githubusercontent.com:aud": "sts.amazonaws.com"
},
"StringLike": {
"token.actions.githubusercontent.com:sub": "repo:aws/amazon-s3-encryption-client-python:*"
"token.actions.githubusercontent.com:sub": [
"repo:aws/amazon-s3-encryption-client-python:*",
"repo:aws/private-amazon-s3-encryption-client-dotnet-staging:*" // For S3EC-NET repo
]
}
},
"sts:AssumeRoleWithWebIdentity"
Expand Down
2 changes: 1 addition & 1 deletion test-server/cpp-v2-server/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ PORT := 8085
build/s3ec-server:
brew install libmicrohttpd nlohmann-json ossp-uuid
git clone --recurse-submodules https://github.com/aws/aws-sdk-cpp.git
cd aws-sdk-cpp && git checkout --track remotes/origin/ajewell/ec-for-get-object

@rishav-karanjit rishav-karanjit Sep 23, 2025

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Background: Andy had a PR from this branch to in aws sdk cpp previously. Now, this branch does not exists and we don't need to switch to any other branch as PR is merged.

cd aws-sdk-cpp
mkdir -p build && cd build && cmake ..

start-server: | build/s3ec-server
Expand Down
Loading