From 5946de58f50244052c9c0e19babe08983b99aa88 Mon Sep 17 00:00:00 2001
From: Chris Patti <feoh@feoh.org>
Date: Wed, 8 Mar 2023 13:12:56 -0500
Subject: [PATCH] Add ability to access odl-micromasters-audit bucket to IAM
 policy

---
 src/ol_infrastructure/applications/micromasters/__main__.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/ol_infrastructure/applications/micromasters/__main__.py b/src/ol_infrastructure/applications/micromasters/__main__.py
index 5be5fc0f2..43bb68f1c 100644
--- a/src/ol_infrastructure/applications/micromasters/__main__.py
+++ b/src/ol_infrastructure/applications/micromasters/__main__.py
@@ -42,6 +42,7 @@
 
 # Bucket used to store files from MicroMasters app.
 micromasters_bucket_name = f"ol-micromasters-app-{stack_info.env_suffix}"
+micromasters_audit_bucket_name = f"odl-micromasters-audit-{stack_info.env_suffix}"
 micromasters_bucket = s3.Bucket(
     f"micromasters-{stack_info.env_suffix}",
     bucket=micromasters_bucket_name,
@@ -90,6 +91,7 @@
                 },
                 {
                     "Effect": "Allow",
+                    "Principal": "*",
                     "Action": [
                         "s3:ListBucket*",
                         "s3:PutObject",
@@ -100,6 +102,8 @@
                     "Resource": [
                         f"arn:aws:s3:::{micromasters_bucket_name}",
                         f"arn:aws:s3:::{micromasters_bucket_name}/*",
+                        f"arn:aws:s3:::{micromasters_audit_bucket_name}",
+                        f"arn:aws:s3:::{micromasters_audit_bucket_name}/*",
                     ],
                 },
             ],