Skip to content

Commit

Permalink
Merge pull request #206 from gammarer/feature/add-props-encryption-wi…
Browse files Browse the repository at this point in the history 
…th-chenge-encryption-default

feat: add props encryption with chenge encryption default
  • Loading branch information
@yicr
yicr committed Feb 28, 2024
2 parents 142c068 + 1c797ea commit ec19cb8
Show file tree
Hide file tree
Showing 5 changed files with 32 additions and 4 deletions.
11 changes: 11 additions & 0 deletions API.md
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion src/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import { Construct } from 'constructs';

export interface SecureLogBucketProps {
readonly bucketName?: string;
readonly encryption?: SecureBucketEncryption;
readonly changeClassTransition?: StorageClassTransitionProperty;
readonly objectOwnership?: SecureObjectOwnership;
}
Expand All @@ -21,7 +22,7 @@ export class SecureLogBucket extends SecureBucket {
constructor(scope: Construct, id: string, props?: SecureLogBucketProps) {
super(scope, id, {
bucketName: props?.bucketName,
encryption: SecureBucketEncryption.KMS_MANAGED,
encryption: props?.encryption ?? SecureBucketEncryption.S3_MANAGED,
versioned: true,
objectOwnership: props?.objectOwnership,
lifecycleRules: [{
Expand Down
2 changes: 1 addition & 1 deletion test/__snapshots__/bucket.default.test.ts.snap
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion test/bucket.default.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ describe('SecureLogBucket default Testing', () => {
ServerSideEncryptionConfiguration: [
{
ServerSideEncryptionByDefault: {
SSEAlgorithm: 'aws:kms',
SSEAlgorithm: 'AES256',
},
},
],
Expand Down
18 changes: 17 additions & 1 deletion test/bucket.specific.test.ts
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import { SecureBucketEncryption } from '@gammarer/aws-secure-bucket';
import { App, Stack } from 'aws-cdk-lib';
import { Match, Template } from 'aws-cdk-lib/assertions';
import * as s3 from 'aws-cdk-lib/aws-s3';
Expand All @@ -14,6 +15,7 @@ describe('SecureLogBucket specific Testing', () => {

const bucket = new SecureLogBucket(stack, 'SecureLogBucket', {
bucketName: 'example-log-bucket',
encryption: SecureBucketEncryption.KMS_MANAGED,
changeClassTransition: {
infrequentAccessDays: 20,
intelligentTieringDays: 40,
Expand All @@ -28,7 +30,21 @@ describe('SecureLogBucket specific Testing', () => {

const template = Template.fromStack(stack);

it('Should match lifecycle', () => {
it('Should have specific encryption', () => {
template.hasResourceProperties('AWS::S3::Bucket', {
BucketEncryption: Match.objectEquals({
ServerSideEncryptionConfiguration: [
{
ServerSideEncryptionByDefault: {
SSEAlgorithm: 'aws:kms',
},
},
],
}),
});
});

it('Should match specific lifecycle', () => {
template.hasResourceProperties('AWS::S3::Bucket', {
LifecycleConfiguration: {
Rules: Match.arrayEquals([
Expand Down

0 comments on commit ec19cb8

Please sign in to comment.