4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
# File 'lib/certman/resource/s3.rb', line 4
def create_bucket
account_id = sts.get_caller_identity.account
bucket_policy = "{\n \"Version\": \"2008-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"GiveSESPermissionToWriteEmail\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": [\n \"ses.amazonaws.com\"\n ]\n },\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Resource\": \"arn:aws:s3:::\#{bucket_name}/*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:Referer\": \"\#{account_id}\"\n }\n }\n }\n ]\n}\n"
s3.create_bucket(
acl: 'private',
bucket: bucket_name
)
s3.put_bucket_policy(
bucket: bucket_name,
policy: bucket_policy,
use_accelerate_endpoint: false
)
end
|