Skip to content

Commit

Permalink
fix: Add serverside encryption in bucketdeployment
Browse files Browse the repository at this point in the history 
Might solve issue:
- custom resource lambda (code)[https://github.com/aws/aws-cdk/blob/v1-main/packages/%40aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts]
  has AccessDenied errors when calling PutObject on the static resources
  bucket.
  • Loading branch information
@joostvanderborg
joostvanderborg committed May 9, 2023
1 parent c1659bb commit 0e69968
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions src/CloudfrontStack.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ import { IHostedZone } from 'aws-cdk-lib/aws-route53';
import { RemoteParameters } from 'cdk-remote-stack';
import { Construct } from 'constructs';
import { Statics } from './statics';
import { ServerSideEncryption } from 'aws-cdk-lib/aws-s3-deployment';

export class CloudfrontStack extends Stack {
private zone?: IHostedZone;
Expand Down Expand Up @@ -295,6 +296,7 @@ export class CloudfrontStack extends Stack {
destinationBucket: bucket,
distribution: distribution,
distributionPaths: ['/static/*'],
serverSideEncryption: aws_s3_deployment.ServerSideEncryption.AES_256
});
}
}

0 comments on commit 0e69968

Please sign in to comment.