Add ability to access odl-micromasters-audit bucket to IAM policy

mitodl · Mar 8, 2023 · 5946de5 · 5946de5
1 parent d9ea9d2
commit 5946de5
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/src/ol_infrastructure/applications/micromasters/__main__.py b/src/ol_infrastructure/applications/micromasters/__main__.py
@@ -42,6 +42,7 @@
 
 # Bucket used to store files from MicroMasters app.
 micromasters_bucket_name = f"ol-micromasters-app-{stack_info.env_suffix}"
+micromasters_audit_bucket_name = f"odl-micromasters-audit-{stack_info.env_suffix}"
 micromasters_bucket = s3.Bucket(
     f"micromasters-{stack_info.env_suffix}",
     bucket=micromasters_bucket_name,
@@ -90,6 +91,7 @@
                 },
                 {
                     "Effect": "Allow",
+                    "Principal": "*",
                     "Action": [
                         "s3:ListBucket*",
                         "s3:PutObject",
@@ -100,6 +102,8 @@
                     "Resource": [
                         f"arn:aws:s3:::{micromasters_bucket_name}",
                         f"arn:aws:s3:::{micromasters_bucket_name}/*",
+                        f"arn:aws:s3:::{micromasters_audit_bucket_name}",
+                        f"arn:aws:s3:::{micromasters_audit_bucket_name}/*",
                     ],
                 },
             ],