Updates for creating buckets in different regions

wphyojpl · Aug 17, 2021 · 1a27e3a · 1a27e3a
1 parent 9e427c6
commit 1a27e3a
Show file tree

Hide file tree

Showing 5 changed files with 50 additions and 20 deletions.
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -1,7 +1,6 @@
 FROM python:3.7
 
 ARG AWS_ACCESS_KEY_ID
-ARG AWS_ACCOUNT_ID
 ARG AWS_REGION
 ARG AWS_SECRET_ACCESS_KEY
 ARG PREFIX

diff --git a/docker/README.md b/docker/README.md
@@ -23,7 +23,6 @@ This bare bones deployment does not include:
 
 The deployment uses locally defined environment variables to generate all of the variables used for deployments. Define the following variables:
 
-- AWS_ACCOUNT_ID
 - AWS_ACCESS_KEY_ID
 - AWS_SECRET_ACCESS_KEY
 - AWS_REGION
@@ -35,7 +34,10 @@ The deployment uses locally defined environment variables to generate all of the
 
 ### Build the docker container
 
-`docker-compose build`
+```
+cd docker
+docker-compose build
+```
 
 The build command:
 - Installs requirements (`requirements.sh`)
@@ -59,7 +61,7 @@ This will create a shell running inside your docker container. All subsequent co
 
 _Before_ your first deployment, run the following:
 
-`sh build/deployment-one-time-setup.sh`
+`bash build/deployment-one-time-setup.sh`
 
 Using your prefix, this will
 - Create buckets:
@@ -71,11 +73,27 @@ Using your prefix, this will
 
 You will not need to run this on repeat deployments.
 
-Upon completion, you can validate that the above buckets were created in your AWS account.
+Upon completion, you can validate that the above buckets were created in your AWS account. The created bucket locations will be printed to the console.
+
+i.e.
+```
+{
+    "Location": "http://prefix-internal.s3.amazonaws.com/"
+}
+{
+    "Location": "http://prefix-public.s3.amazonaws.com/"
+}
+{
+    "Location": "http://prefix-private.s3.amazonaws.com/"
+}
+{
+    "Location": "http://prefix-protected.s3.amazonaws.com/"
+}
+```
 
 ### Deploy all
 
-`sh build/deploy-all.sh`
+`bash build/deploy-all.sh`
 
 This deploys the following deployment layers in order:
 - RDS Cluster
@@ -87,7 +105,7 @@ Deployment output and any errors will be printed to the console.
 
 ### Connect to backend API
 
-`sh print-connection-commands.sh`
+`bash print-connection-commands.sh`
 
 This will print out something like:
 ```
@@ -119,17 +137,19 @@ _Outside_ of the Docker container, in a separate terminal, run
 CONTAINER_ID=$(docker ps -alq) && docker cp $CONTAINER_ID:/deploy ./deploy
 ```
 
+Note: this only works if the deployment container is the most recently started container. If you're working with other docker containers, you'll have to set `CONTAINER_ID` to the correct container id.
+
 This will copy all of the files used for deployment to a `deploy/` folder so you can view them. These files can be used to configure and update your deployment from your local machine.
 
 ## Teardown
 
 To save money and resources, when finished with your Cumulus deployment you can tear it down by running:
 
-`sh build/teardown.sh`
+`bash build/teardown.sh`
 
 then, upon success:
 
-`sh build/teardown-one-time-setup.sh`
+`bash build/teardown-one-time-setup.sh`
 
 Teardown output can be viewed in the console.
 

diff --git a/docker/deployment-one-time-setup.sh b/docker/deployment-one-time-setup.sh
@@ -1,17 +1,23 @@
 #!/bin/bash
 set -e
 
-echo Using prefix $prefix
+echo Using prefix $PREFIX
 
 ### CREATE BUCKETS
 
 echo Creating buckets
 
-aws s3api create-bucket --bucket $PREFIX-tf-state
-aws s3api create-bucket --bucket $PREFIX-internal
-aws s3api create-bucket --bucket $PREFIX-public
-aws s3api create-bucket --bucket $PREFIX-private
-aws s3api create-bucket --bucket $PREFIX-protected
+if [[ $AWS_REGION = "us-east-1" ]]; then
+    aws s3api create-bucket --bucket $PREFIX-internal
+    aws s3api create-bucket --bucket $PREFIX-public
+    aws s3api create-bucket --bucket $PREFIX-private
+    aws s3api create-bucket --bucket $PREFIX-protected
+else
+    aws s3api create-bucket --bucket $PREFIX-internal --create-bucket-configuration LocationConstraint=$AWS_REGION
+    aws s3api create-bucket --bucket $PREFIX-public --create-bucket-configuration LocationConstraint=$AWS_REGION
+    aws s3api create-bucket --bucket $PREFIX-private --create-bucket-configuration LocationConstraint=$AWS_REGION
+    aws s3api create-bucket --bucket $PREFIX-protected --create-bucket-configuration LocationConstraint=$AWS_REGION
+fi
 
 ### CREATE JWT SECRET FOR TEA ###
 

diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
@@ -8,7 +8,6 @@ services:
       context: ../
       args:
         - AWS_ACCESS_KEY_ID
-        - AWS_ACCOUNT_ID
         - AWS_REGION
         - AWS_SECRET_ACCESS_KEY
         - PREFIX
@@ -18,7 +17,6 @@ services:
         - OPERATOR_API_USER
     environment:
       - AWS_ACCESS_KEY_ID
-      - AWS_ACCOUNT_ID
       - AWS_REGION
       - AWS_SECRET_ACCESS_KEY
       - PREFIX

diff --git a/docker/prep-deployments.sh b/docker/prep-deployments.sh
@@ -8,18 +8,25 @@ aws configure set region $AWS_REGION
 aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID
 aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY
 
+AWS_ACCOUNT_ID=$(aws sts get-caller-identity | grep "Account" | sed -E 's/.*"([^"]+)",/\1/')
+
 echo Using prefix $PREFIX
 INTERNAL_BUCKET=$PREFIX-internal
 TFSTATE_BUCKET=$PREFIX-tf-state
-echo internal $INTERNAL_BUCKET
 
 # Create the tf state bucket if it does not exist
 set +e
+
 aws s3api head-bucket --bucket $TFSTATE_BUCKET
 
 if [[ $? != 0 ]]; then
-set -e
-aws s3api create-bucket --bucket $TFSTATE_BUCKET
+  echo Creating TF state bucket $TFSTATE_BUCKET
+  set -e
+  if [[ $AWS_REGION = "us-east-1" ]]; then
+    aws s3api create-bucket --bucket $TFSTATE_BUCKET
+  else
+    aws s3api create-bucket --bucket $TFSTATE_BUCKET --create-bucket-configuration LocationConstraint=$AWS_REGION
+  fi
 fi
 
 set -e