Use of com.amazonaws.services.s3.model.PublicAccessBlockConfiguration in project entrada by SIDN.
From class AmazonInitializer, method initializeStorage.
/**
 * Provisions the storage needed for AWS mode: runs the parent initializer, validates the
 * configured output location and bucket name and, when this application manages the bucket,
 * creates it with all public access blocked and then applies the lifecycle rules.
 *
 * @return {@code true} when the bucket is not managed here, or when the bucket exists and both
 *     lifecycle rules were enabled; {@code false} otherwise
 * @throws ApplicationException if the output location is not supported by the file manager or
 *     the bucket name fails {@code BucketNameUtils.isValidV2BucketName}
 */
@Override
public boolean initializeStorage() {
  log.info("Provision AWS storage");

  // The parent initializer creates the local storage locations.
  // NOTE(review): its boolean result is discarded here; confirm that is intentional.
  super.initializeStorage();

  boolean outputSupported = fileManager.supported(output);
  if (!outputSupported) {
    throw new ApplicationException("Selected mode is AWS but the ENTRADA output location does not use S3, cannot continue");
  }

  // Reject a malformed bucket name before any S3 call is made.
  boolean validName = BucketNameUtils.isValidV2BucketName(bucket);
  if (!validName) {
    throw new ApplicationException("\"" + bucket + "\" is not a valid S3 bucket name, for bucket restrictions and limitations, see: " + bucketRules);
  }

  // Bucket creation and lifecycle rules are only handled when this application manages the
  // bucket; otherwise nothing below runs and no hardening is applied from here.
  if (!manageBucket) {
    return true;
  }

  // NOTE(review): existence is not proof of ownership. doesBucketExistV2 is understood to also
  // report true for a name held by another AWS account; verify, and consider an explicit
  // ownership check before treating the bucket as ours.
  boolean bucketMissing = !amazonS3.doesBucketExistV2(bucket);
  if (bucketMissing) {
    log.info("Create bucket: " + bucket);
    amazonS3.createBucket(bucket);

    // Block every form of public access: public ACLs are rejected and ignored, public bucket
    // policies are rejected and access through any public policy is restricted.
    PublicAccessBlockConfiguration blockAll = new PublicAccessBlockConfiguration()
        .withBlockPublicAcls(Boolean.TRUE)
        .withIgnorePublicAcls(Boolean.TRUE)
        .withBlockPublicPolicy(Boolean.TRUE)
        .withRestrictPublicBuckets(Boolean.TRUE);
    SetPublicAccessBlockRequest blockRequest = new SetPublicAccessBlockRequest()
        .withBucketName(bucket)
        .withPublicAccessBlockConfiguration(blockAll);
    amazonS3.setPublicAccessBlock(blockRequest);

    enableEncryption();

    // NOTE(review): the public access block and encryption are applied only in this creation
    // branch. A bucket that already exists is never checked or re-hardened, and if either call
    // above throws after createBucket succeeded, the next run sees the bucket as existing and
    // skips this branch. Consider applying both settings on every managed start.
  }

  // Archived pcap files and Athena results need an expiration lifecycle policy; evaluation
  // stops at the first step that fails.
  if (!amazonS3.doesBucketExistV2(bucket)) {
    return false;
  }
  if (!enableBucketLifecycle(athenaOutputLocation, "Delete Athena results", outputExpiration, false)) {
    return false;
  }
  return enableBucketLifecycle(archive, "Delete archived pcap-files", archiveExpiration, true);
}
Aggregations