event archive bucket policy modification according different env #250
Conversation
|
... will review in tick, eta 4pm. |
There was a problem hiding this comment.
Not major of comment from me.
Better wait from @reisingerf approval on bucket naming before merging. There is some naming convention attach to this. He can advice/guide better.
raylrui
force-pushed
the
feature/universal-event-archiver
branch
from
5765a64 to
7041d00
Compare
|
This should be good. @reisingerf PR pls |
config/constants.ts
Outdated
| @@ -63,8 +77,8 @@ export const eventBusName = 'OrcaBusMain'; | |||
| export const eventSourceQueueName = 'orcabus-event-source-queue'; | |||
|
|
|||
| // Event Archiver constants for EventBus Contruct in SharedStack | |||
| export const archiveBucketName = 'event-archive-bucket'; | |||
| export const archiveSecurityGroupName = 'OrcaBusEventArchiveSecurityGroup'; | |||
| export const archiveBucketNamePrefix = 'orcabus-event-archive-'; | |||
There was a problem hiding this comment.
Hm, a quite generic name for a specific purpose bucket. There may be other archive buckets besides the event archive...
Also, I am not sure this bucket is meant to be for anything else than internal use. Nobody else needs to know that name and it does not have to be configurable. As such we could move its definition into the stack (or even construct) level?
There was a problem hiding this comment.
I move the Event Archiver definition from into the EventBus Stack level config, as event bus users may need config archiver
Fix/Refactor of event archiver:
RemovalPolicy:
RemovalPolicy.DESTROYmode in our dev/test envs,only enable
RemovalPolicy.RETAINin prod env.For dev/test redeployment, we may still delete all contents in the bucket and get the bucket physically deleted.
unique bucket name
beta: orcabus-event-archive-
devAccountId,gamma: orcabus-event-archive-
stgAccountId,prod: orcabus-event-archive-
prodAccountId,From discuss: https://umccr.slack.com/archives/C03ABJTSN7J/p1713927722151309