search

aws-samples / image-optimization

Simple, performant and cost efficient solution for optimizing images using Amazon CloudFront, Amazon S3 and AWS Lambda
MIT No Attribution
195 stars 116 forks source link

my cdk setup and source bucket is in different different aws account , so how to setup my source bucket ? #36

Closed sandeepraghu closed 3 months ago

sandeepraghu commented 5 months ago

cdk deploy -c S3_IMAGE_BUCKET_NAME=’YOUR_S3_BUCKET_NAME’

i am using this command to deploy and passing the bucket name as well but it is not taking the source bucket which i have passed.

for your infoormation , i have setup this cdk in different aws account and my source bucket is in different aws account , so how to setup this, i have tried with bucket arn but still not working. please help

Thanks!

achrafsouk commented 5 months ago

hello, can you paste the deployment error you are getting?

sandeepraghu commented 5 months ago

@achrafsouk i am not getting any error , the source bucket is not what i mention , it is creating its own.

achrafsouk commented 5 months ago

I tested it. When the bucket is in a different account, you have to manually add the right persmissions to the bucket policy to allow the Lambda function to download the original images for manipulation. An example bucket policy:

{
    "Version": "2008-10-17",
    "Id": "PolicyForCloudFrontPrivateContent",
    "Statement": [
        {
            "Sid": "1",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::0850403501:role/ImgTransformationStack-imageoptimizationServiceRole-UqSczI3sXF7L"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::my_bucket_name/*"
        }
    ]
}

Where ImgTransformationStack-imageoptimizationServiceRole-UqSczI3sXF7L is the IAM role of assumed by the Lambda in the CDK stack account.