(ns crucible.aws.s3
"Resources in AWS::S3::*"
(:require [crucible.resources :refer [spec-or-ref defresource] :as res]
[crucible.aws.iam :as iam]
[crucible.aws.s3.bucket-encryption :as bucket-encryption]
[clojure.spec.alpha :as s]))
;; Building blocks for S3 notification filters.
;; spec-or-ref comes from crucible.resources (not shown here); presumably it
;; also admits a template reference in place of the literal -- confirm there.

;; Any string is accepted as an ARN; the ARN format itself is not checked.
(s/def ::arn string?)

;; A filter rule pairs a match kind ("prefix" or "suffix") with the text to match.
(s/def ::value (spec-or-ref string?))
(s/def ::name
  (spec-or-ref #{"prefix" "suffix"}))

(s/def ::rule
  (s/keys :req [::name ::value]))

;; Rules must be supplied as a vector; other collection kinds are rejected.
(s/def ::rules
  (s/coll-of ::rule :kind vector?))

;; ::filter -> ::s3-key -> ::rules: each level has exactly one required key.
(s/def ::s3-key
  (s/keys :req [::rules]))

(s/def ::filter
  (s/keys :req [::s3-key]))
;; Closed enumeration of S3 event names usable in a notification
;; configuration. A literal value that is not in this set fails the spec.
(s/def ::event
  (spec-or-ref
   #{"s3:ObjectCreated:*"
     "s3:ObjectCreated:Put"
     "s3:ObjectCreated:Post"
     "s3:ObjectCreated:Copy"
     "s3:ObjectCreated:CompleteMultipartUpload"
     "s3:ObjectRemoved:*"
     "s3:ObjectRemoved:Delete"
     "s3:ObjectRemoved:DeleteMarkerCreated"
     "s3:ReducedRedundancyLostObject"}))
;; Notification targets. Each configuration requires an ::event and the
;; target itself, and may carry a ::filter. Targets are validated as
;; ::arn, which is a plain string check, so a malformed or unintended ARN is
;; not caught here.

;; SNS topic target.
(s/def ::topic (spec-or-ref ::arn))
(s/def ::topic-configuration
  (s/keys :req [::event ::topic]
          :opt [::filter]))
(s/def ::topic-configurations
  (s/coll-of ::topic-configuration :kind vector?))

;; SQS queue target.
(s/def ::queue (spec-or-ref ::arn))
(s/def ::queue-configuration
  (s/keys :req [::event ::queue]
          :opt [::filter]))
(s/def ::queue-configurations
  (s/coll-of ::queue-configuration :kind vector?))

;; Lambda function target.
(s/def ::function (spec-or-ref ::arn))
(s/def ::lambda-configuration
  (s/keys :req [::event ::function]
          :opt [::filter]))
(s/def ::lambda-configurations
  (s/coll-of ::lambda-configuration :kind vector?))

;; All three target lists are optional, so an empty map also conforms.
(s/def ::notification-configuration
  (s/keys :opt [::lambda-configurations
                ::queue-configurations
                ::topic-configurations]))
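;; CORS configuration for a bucket.

;; Must be a positive integer when given as a literal.
(s/def ::max-age (spec-or-ref pos-int?))

;; Rule identifier: a string of at most 255 characters.
(s/def ::id
  (spec-or-ref (s/and string?
                      #(< (count %) 256))))

(s/def ::exposed-headers (s/coll-of (spec-or-ref string?) :kind vector?))

;; Any string is accepted as an origin, including a wildcard; this spec does
;; not limit how broadly a bucket is opened to cross-origin requests, so that
;; stays a review concern for the template author.
(s/def ::allowed-origins (s/coll-of (spec-or-ref string?) :kind vector?))

(s/def ::allowed-headers (s/coll-of (spec-or-ref string?) :kind vector?))

;; Fixed: :kind was `vector` (the constructor) rather than `vector?` (the
;; predicate). `vector` returns a non-nil vector for any argument, so as a
;; :kind test it could not reject anything. `vector?` matches the other
;; collection specs in this file.
(s/def ::allowed-methods
  (s/coll-of (spec-or-ref #{"GET" "PUT" "HEAD" "POST" "DELETE"})
             :kind vector?))

;; A rule must name its methods and origins; the remaining keys are optional.
(s/def ::cors-rule
  (s/keys :req [::allowed-methods
                ::allowed-origins]
          :opt [::allowed-headers
                ::exposed-headers
                ::id
                ::max-age]))

(s/def ::cors-rules (s/coll-of ::cors-rule :kind vector?))

(s/def ::cors-configuration (s/keys :req [::cors-rules]))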
;; Literal bucket names may contain only lowercase letters, digits, '-' and
;; '.' (the '-' after the 0-9 range is read as a literal hyphen).
;; NOTE(review): only the character set is checked. Length limits and
;; first/last-character rules are not enforced, so a name that passes this
;; spec can still be refused by S3 at deploy time.
(s/def ::bucket-name
  (spec-or-ref
   (s/and string?
          #(re-matches #"[a-z0-9-.]+" %))))

;; Shape of the encryption property is defined in
;; crucible.aws.s3.bucket-encryption (not shown here).
(s/def ::bucket-encryption
  (spec-or-ref ::bucket-encryption/resource-property-spec))
;; Canned ACL names accepted for a bucket. The value must be one of these
;; literals; unlike most specs in this file it is not wrapped in spec-or-ref.
;; NOTE(review): "PublicRead" and "PublicReadWrite" conform like any other
;; member. This spec checks spelling only, so whether a bucket may be public
;; has to be enforced by review or policy outside this namespace.
(s/def ::access-control
  #{"AuthenticatedRead"
    "AwsExecRead"
    "BucketOwnerRead"
    "BucketOwnerFullControl"
    "LogDeliveryWrite"
    "Private"
    "PublicRead"
    "PublicReadWrite"})
;; Properties of an AWS::S3::Bucket. Every key is optional.
;; NOTE(review): s/keys only checks values for keys that have a registered
;; spec. No s/def for ::lifecycle-configuration, ::logging-configuration,
;; ::replication-configuration, ::versioning-configuration or
;; ::website-configuration appears in this file, so unless they are registered
;; elsewhere those values pass through unvalidated.
(s/def ::s3-bucket
  (s/keys :opt [::bucket-name
                ::bucket-encryption
                ::access-control
                ::cors-configuration
                ::lifecycle-configuration
                ::logging-configuration
                ::notification-configuration
                ::replication-configuration
                ::res/tags
                ::versioning-configuration
                ::website-configuration]))

;; Registers the bucket resource type against the spec above. defresource
;; comes from crucible.resources (not shown here).
(defresource bucket "AWS::S3::Bucket" ::s3-bucket)
;; Properties of an AWS::S3::BucketPolicy: the target bucket plus the policy
;; document. Both keys are required.
;; ::bucket is any string (or presumably a reference, via spec-or-ref); it is
;; not tied to the ::bucket-name character rules.
(s/def ::bucket (spec-or-ref string?))

;; The document's shape is whatever crucible.aws.iam specifies for
;; ::iam/policy-document (not shown here). Nothing in this namespace inspects
;; its principals or actions.
(s/def ::bucket-policy
  (s/keys :req [::bucket
                ::iam/policy-document]))

(defresource bucket-policy "AWS::S3::BucketPolicy" ::bucket-policy)