Giters

aws-solutions / media-services-application-mapper

Media Services Application Mapper is a browser-based tool that allows operators to visualize the structure and logical connections among AWS Media Services and supporting services in the cloud. The tool can be used as a top-down resource monitoring tool when integrated with CloudWatch.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Update S3 write scripts to check account ownership before write

jilladams opened this issue · comments

commented

script statements like this:
aws s3 sync $global_dist_dir s3://$global_bucket/aws-media-insights-engine/$version/
aws s3 sync $regional_dist_dir s3://${regional_bucket}-${region}/aws-media-insights-engine/$version/

To include checks like this before running s3 sync or cp:
aws s3api head-bucket --bucket $global_bucket --expected-bucket-owner $bucket_account
aws s3api head-bucket --bucket $regional_bucket --expected-bucket-owner $bucket_account

The head-bucket command will return a non-zero result (API returns a 403) if the bucket ownership doesn’t match. If you have error handling set to short-circuit the script, the above statements would stop the script before uploading.

Directly uploading to regional buckets means checking each bucket before uploading.