in app.py [0:0]
def __init__(self, scope: Construct, id: builtins.str, vpc:ec2.IVpc) -> None:
super().__init__(scope, id)
self.bucket = s3.Bucket(self,'Bucket',
removal_policy=cdk.RemovalPolicy.DESTROY,
access_control= s3.BucketAccessControl.PRIVATE,
public_read_access=False,
encryption= s3.BucketEncryption.S3_MANAGED)
'''
Configure DataSync Locations
'''
self.ds_role = iam.Role(self,'DataSyncRole',
assumed_by= iam.ServicePrincipal(service='datasync', region=cdk.Aws.REGION),
managed_policies=[
iam.ManagedPolicy.from_aws_managed_policy_name('AmazonS3FullAccess')
])
self.datasync_location = ds.CfnLocationS3(self,'S3-Location',
s3_bucket_arn= self.bucket.bucket_arn,
s3_config= ds.CfnLocationS3.S3ConfigProperty(bucket_access_role_arn=self.ds_role.role_arn))