fix(codepipeline): default cross-region S3 buckets allow public access by david-richer-adsk · Pull Request #17722 · aws/aws-cdk

david-richer-adsk · 2021-11-25T20:55:31Z

The cross region S3 buckets that are created should have block public access by default.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

…fault. The cross region S3 buckets that are created should have block public access by default. fixes aws#16411

gitpod-io · 2021-11-25T20:55:33Z

david-richer-adsk · 2021-11-25T21:27:33Z

Same approach as for the artifact bucket: https://github.com/aws/aws-cdk/blob/master/packages/@aws-cdk/aws-codepipeline/lib/pipeline.ts#L382

skinny85

Thanks for the contribution @david-richer-adsk!

packages/@aws-cdk/aws-codepipeline/lib/private/cross-region-support-stack.ts

…pport-stack.ts

Pull request has been modified.

skinny85

We also need a unit test for this one 🙂.

david-richer-adsk · 2021-12-03T21:33:35Z

We also need a unit test for this one 🙂.

Does this look like the right place to add a check? https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-codepipeline/test/cross-env.test.ts#L132

skinny85 · 2021-12-03T22:05:15Z

We also need a unit test for this one 🙂.

Does this look like the right place to add a check? https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-codepipeline/test/cross-env.test.ts#L132

Yes, that's probably a good spot. You can use the toHaveResourceLike() helper, like here.

Pull request has been modified.

david-richer-adsk · 2021-12-06T14:10:00Z

Should be good to go, let me know if anything is missing.

skinny85

Looks good @david-richer-adsk! One question.

packages/@aws-cdk/aws-codepipeline/test/cross-env.test.ts

Co-authored-by: Adam Ruka <adamruka85@gmail.com>

Pull request has been modified.

david-richer-adsk · 2021-12-09T16:25:29Z

@skinny85 ready to be merged?

skinny85

Thanks for the contribution @david-richer-adsk!

skinny85 · 2021-12-09T16:31:06Z

@skinny85 ready to be merged?

Yep! In the future, make sure to re-request my review after you're done pushing your changes (there's a button in the top-right corner of the PR page, next to my avatar), this way I won't miss it 🙂.

Thanks,
Adam

mergify · 2021-12-09T16:33:05Z

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

david-richer-adsk · 2021-12-09T16:36:27Z

Will do!

aws-cdk-automation · 2021-12-09T17:16:11Z

AWS CodeBuild CI Report

CodeBuild project: AutoBuildProject89A8053A-LhjRyN9kxr8o
Commit ID: 463ce71
Result: SUCCEEDED
Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

mergify · 2021-12-09T17:16:35Z

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

aws#17722) The cross region S3 buckets that are created should have block public access by default. Fixes aws#16411 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

david-richer-adsk added 2 commits November 25, 2021 15:52

feat(codepipeline): Cross region S3 buckets block public access by de…

54df648

…fault. The cross region S3 buckets that are created should have block public access by default. fixes aws#16411

Update cross-region-support-stack.ts

135c1f9

github-actions bot added the @aws-cdk/aws-codepipeline Related to AWS CodePipeline label Nov 25, 2021

github-actions bot assigned skinny85 Nov 25, 2021

skinny85 previously requested changes Nov 29, 2021

View reviewed changes

packages/@aws-cdk/aws-codepipeline/lib/private/cross-region-support-stack.ts Outdated Show resolved Hide resolved

Update packages/@aws-cdk/aws-codepipeline/lib/private/cross-region-su…

352ff9f

…pport-stack.ts

skinny85 changed the title ~~feat(codepipeline): Cross region S3 buckets block public access~~ fix(codepipeline): default cross-region S3 buckets allow public access Nov 29, 2021

skinny85 approved these changes Nov 29, 2021

View reviewed changes

skinny85 previously requested changes Nov 29, 2021

View reviewed changes

Add a unit test for the fix

b8342ea

eslint fix

1068396

skinny85 previously requested changes Dec 6, 2021

View reviewed changes

packages/@aws-cdk/aws-codepipeline/test/cross-env.test.ts Outdated Show resolved Hide resolved

Test the content of the PublicAccessBlockConfiguration block

37c9427

Co-authored-by: Adam Ruka <adamruka85@gmail.com>

skinny85 approved these changes Dec 9, 2021

View reviewed changes

Merge branch 'master' into patch-1

463ce71

mergify bot merged commit 0b80db5 into aws:master Dec 9, 2021

Conversation

david-richer-adsk commented Nov 25, 2021 • edited by skinny85 Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

gitpod-io bot commented Nov 25, 2021

Uh oh!

david-richer-adsk commented Nov 25, 2021

Uh oh!

skinny85 left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

skinny85 left a comment

Choose a reason for hiding this comment

Uh oh!

david-richer-adsk commented Dec 3, 2021

Uh oh!

skinny85 commented Dec 3, 2021

Uh oh!

david-richer-adsk commented Dec 6, 2021

Uh oh!

skinny85 left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

david-richer-adsk commented Dec 9, 2021

Uh oh!

skinny85 left a comment

Choose a reason for hiding this comment

Uh oh!

skinny85 commented Dec 9, 2021

Uh oh!

mergify bot commented Dec 9, 2021

Uh oh!

david-richer-adsk commented Dec 9, 2021

Uh oh!

aws-cdk-automation commented Dec 9, 2021

AWS CodeBuild CI Report

Uh oh!

mergify bot commented Dec 9, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

david-richer-adsk commented Nov 25, 2021 •

edited by skinny85

Loading