Updated READMEs

AWSCookbook · Oct 27, 2021 · 6c1c018 · 6c1c018
1 parent 909b2d4
commit 6c1c018
Show file tree

Hide file tree

Showing 14 changed files with 190 additions and 32 deletions.
diff --git a/301-Using-S3-Lifecycle-Policies-to-Reduce-Storage-Costs/lifecycle-rule.json b/301-Using-S3-Lifecycle-Policies-to-Reduce-Storage-Costs/lifecycle-rule.json
@@ -12,4 +12,8 @@
             ]
         }
     ]
-}
+<<<<<<< HEAD
+}
+=======
+}
+>>>>>>> d0119e3 (Updated READMEs)
diff --git a/302-Using-S3-Intelligent-Tiering/tiering.json b/302-Using-S3-Intelligent-Tiering/tiering.json
@@ -1,4 +1,5 @@
 {
+<<<<<<< HEAD
     "IntelligentTieringConfiguration": {
         "Id": "awscookbook302",
         "Status": "Enabled",
@@ -9,4 +10,15 @@
             }
         ]
     }
-}
+}
+=======
+    "Id": "awscookbook302",
+    "Status": "Enabled",
+    "Tierings": [
+        {
+            "Days": 90,
+            "AccessTier": "ARCHIVE_ACCESS"
+        }
+    ]
+}
+>>>>>>> d0119e3 (Updated READMEs)
diff --git a/303-Replicating-S3-Buckets-to-Meet-Recovery-Point-Objectives/.gitignore b/303-Replicating-S3-Buckets-to-Meet-Recovery-Point-Objectives/.gitignore
@@ -0,0 +1,3 @@
+s3-perms-policy.json
+s3-replication.json
+.venv
diff --git a/303-Replicating-S3-Buckets-to-Meet-Recovery-Point-Objectives/s3-perms-policy-template.json b/303-Replicating-S3-Buckets-to-Meet-Recovery-Point-Objectives/s3-perms-policy-template.json
@@ -1,4 +1,5 @@
 {
+<<<<<<< HEAD
     "Version":"2012-10-17",
     "Statement":[
        {
@@ -34,4 +35,40 @@
        }
     ]
  }
-
+
+=======
+	"Version":"2012-10-17",
+	"Statement":[
+   	{
+      	"Effect":"Allow",
+      	"Action":[
+         	"s3:GetObjectVersionForReplication",
+         	"s3:GetObjectVersionAcl",
+		      "s3:GetObjectVersionTagging"
+      	],
+      	"Resource":[
+         	"arn:aws:s3:::SRCBUCKET/*"
+      	]
+   	},
+   	{
+      	"Effect":"Allow",
+      	"Action":[
+         	"s3:ListBucket",
+         	"s3:GetReplicationConfiguration"
+      	],
+      	"Resource":[
+         	"arn:aws:s3:::SRCBUCKET"
+      	]
+   	},
+   	{
+      	"Effect":"Allow",
+      	"Action":[
+         	"s3:ReplicateObject",
+         	"s3:ReplicateDelete",
+         	"s3:ReplicateTags"
+      	],
+      	"Resource":"arn:aws:s3:::DSTBUCKET/*"
+   	}
+	]
+ }
+>>>>>>> d0119e3 (Updated READMEs)
diff --git a/303-Replicating-S3-Buckets-to-Meet-Recovery-Point-Objectives/s3-perms-policy.json b/303-Replicating-S3-Buckets-to-Meet-Recovery-Point-Objectives/s3-perms-policy.json
@@ -1,4 +1,5 @@
 {
+<<<<<<< HEAD
     "Version":"2012-10-17",
     "Statement":[
        {
@@ -34,4 +35,40 @@
        }
     ]
  }
-
+
+=======
+	"Version":"2012-10-17",
+	"Statement":[
+   	{
+      	"Effect":"Allow",
+      	"Action":[
+         	"s3:GetObjectVersionForReplication",
+         	"s3:GetObjectVersionAcl",
+		      "s3:GetObjectVersionTagging"
+      	],
+      	"Resource":[
+         	"arn:aws:s3:::awscookbook303-src-b0jeyb/*"
+      	]
+   	},
+   	{
+      	"Effect":"Allow",
+      	"Action":[
+         	"s3:ListBucket",
+         	"s3:GetReplicationConfiguration"
+      	],
+      	"Resource":[
+         	"arn:aws:s3:::awscookbook303-src-b0jeyb"
+      	]
+   	},
+   	{
+      	"Effect":"Allow",
+      	"Action":[
+         	"s3:ReplicateObject",
+         	"s3:ReplicateDelete",
+         	"s3:ReplicateTags"
+      	],
+      	"Resource":"arn:aws:s3:::awscookbook303-dst-b0jeyb/*"
+   	}
+	]
+ }
+>>>>>>> d0119e3 (Updated READMEs)
diff --git a/303-Replicating-S3-Buckets-to-Meet-Recovery-Point-Objectives/s3-replication-template.json b/303-Replicating-S3-Buckets-to-Meet-Recovery-Point-Objectives/s3-replication-template.json
@@ -1,4 +1,5 @@
 {
+<<<<<<< HEAD
     "Rules": [
         {
             "Status": "Enabled",
@@ -25,4 +26,35 @@
         }
     ],
     "Role": "ROLEARN"
-}
+}
+=======
+	"Rules": [
+    	{
+        	"Status": "Enabled",
+        	"Filter": {
+            	"Prefix": ""
+        	},
+        	"Destination": {
+            	"Bucket": "arn:aws:s3:::DSTBUCKET",
+            	"Metrics": {
+                	"Status": "Enabled",
+                	"EventThreshold": {
+                    	"Minutes": 15
+                	}
+            	},
+            	"ReplicationTime": {
+                	"Status": "Enabled",
+                	"Time": {
+                    	"Minutes": 15
+                	}
+            	}
+        	},
+		    "DeleteMarkerReplication": {
+                "Status": "Disabled"
+            },
+        	"Priority": 1
+    	}
+	],
+	"Role": "ROLEARN"
+}
+>>>>>>> d0119e3 (Updated READMEs)
diff --git a/303-Replicating-S3-Buckets-to-Meet-Recovery-Point-Objectives/s3-replication.json b/303-Replicating-S3-Buckets-to-Meet-Recovery-Point-Objectives/s3-replication.json
@@ -1,4 +1,5 @@
 {
+<<<<<<< HEAD
     "Rules": [
         {
             "Status": "Enabled",
@@ -25,4 +26,35 @@
         }
     ],
     "Role": "arn:aws:iam::611652777867:role/AWSCookbook303S3Role"
-}
+}
+=======
+	"Rules": [
+    	{
+        	"Status": "Enabled",
+        	"Filter": {
+            	"Prefix": ""
+        	},
+        	"Destination": {
+            	"Bucket": "arn:aws:s3:::awscookbook303-dst-b0jeyb",
+            	"Metrics": {
+                	"Status": "Enabled",
+                	"EventThreshold": {
+                    	"Minutes": 15
+                	}
+            	},
+            	"ReplicationTime": {
+                	"Status": "Enabled",
+                	"Time": {
+                    	"Minutes": 15
+                	}
+            	}
+        	},
+		    "DeleteMarkerReplication": {
+                "Status": "Disabled"
+            },
+        	"Priority": 1
+    	}
+	],
+	"Role": "arn:aws:iam::664865145641:role/AWSCookbook303S3Role"
+}
+>>>>>>> d0119e3 (Updated READMEs)
diff --git a/305-Configuring-Application-Specific-Access-to-S3/.gitignore b/305-Configuring-Application-Specific-Access-to-S3/.gitignore
@@ -1 +1,3 @@
-Recipe304Test.txt
+Recipe304Test.txt
+app-1-policy.json
+app-2-policy.json
diff --git a/305-Configuring-Application-Specific-Access-to-S3/app-1-policy.json b/305-Configuring-Application-Specific-Access-to-S3/app-1-policy.json
diff --git a/305-Configuring-Application-Specific-Access-to-S3/app-2-policy.json b/305-Configuring-Application-Specific-Access-to-S3/app-2-policy.json
diff --git a/...ific-Access-to-S3/cdk-AWS-Cookbook-305/cdk_aws_cookbook_305/cdk_aws_cookbook_305_stack.py b/...ific-Access-to-S3/cdk-AWS-Cookbook-305/cdk_aws_cookbook_305/cdk_aws_cookbook_305_stack.py
@@ -91,7 +91,7 @@ def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
 
         iam_role1 = iam.Role(self, "Instance1SSM", assumed_by=iam.ServicePrincipal("ec2.amazonaws.com"))
 
-        iam_role1.add_managed_policy(iam.ManagedPolicy.from_aws_managed_policy_name("service-role/AmazonEC2RoleforSSM"))
+        iam_role1.add_managed_policy(iam.ManagedPolicy.from_aws_managed_policy_name("AmazonSSMManagedInstanceCore"))
 
         instance1 = ec2.Instance(
             self,
@@ -104,7 +104,11 @@ def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
 
         iam_role2 = iam.Role(self, "Instance2SSM", assumed_by=iam.ServicePrincipal("ec2.amazonaws.com"))
 
+<<<<<<< HEAD
         iam_role2.add_managed_policy(iam.ManagedPolicy.from_aws_managed_policy_name("service-role/AmazonEC2RoleforSSM"))
+=======
+        iam_role2.add_managed_policy(iam.ManagedPolicy.from_aws_managed_policy_name("AmazonSSMManagedInstanceCore"))
+>>>>>>> d0119e3 (Updated READMEs)
 
         instance2 = ec2.Instance(
             self,

diff --git a/306-Using-Amazon-S3-Bucket-Keys-with-KMS/.gitignore b/306-Using-Amazon-S3-Bucket-Keys-with-KMS/.gitignore
@@ -0,0 +1 @@
+bucket-policy.json
diff --git a/306-Using-Amazon-S3-Bucket-Keys-with-KMS/book_cover.png b/306-Using-Amazon-S3-Bucket-Keys-with-KMS/book_cover.png
diff --git a/306-Using-Amazon-S3-Bucket-Keys-with-KMS/bucket-policy-template.json b/306-Using-Amazon-S3-Bucket-Keys-with-KMS/bucket-policy-template.json
@@ -0,0 +1,18 @@
+{
+    "Version":"2012-10-17",
+    "Id":"PutObjectPolicy",
+    "Statement":[{
+          "Sid":"DenyUnEncryptedObjectUploads",
+          "Effect":"Deny",
+          "Principal":"*",
+          "Action":"s3:PutObject",
+          "Resource":"arn:aws:s3:::BUCKET_NAME/*",
+          "Condition":{
+             "StringNotEquals":{
+                "s3:x-amz-server-side-encryption":"aws:kms"
+             }
+          }
+       }
+    ]
+ }
+
-Original file line number
+Diff line change
@@ Expand Up / @@ -12,4 +12,8 @@ @@
                 ]
             }
         ]
-    }
+    <<<<<<< HEAD
+    }
+    =======
+    }
+    >>>>>>> d0119e3 (Updated READMEs)