async function createBucketInSecondaryRegion()

in source/secondary-bucket-creator/source/index.ts [9:92]


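/**
 * Creates an S3 bucket in `bucketRegion` and applies a fixed hardening baseline to it.
 *
 * Steps, in order:
 *  1. create the bucket (with a `LocationConstraint` unless the region is `us-east-1`);
 *  2. set default encryption to `aws:kms` (no key id is given, so S3 uses the AWS managed key);
 *  3. when no `loggingBucketName` is given, grant the `log-delivery-write` canned ACL;
 *  4. turn on all four public access block settings;
 *  5. when both `loggingBucketName` and `loggingPrefix` are given, enable server access logging.
 *
 * The steps are not atomic: if a call after step 1 fails, the bucket stays in place without the
 * remaining controls and the function only reports `Failed`. Callers that retry should expect
 * the bucket to exist already.
 *
 * NOTE(review): step 3 suggests a bucket without `loggingBucketName` is itself a log destination.
 * S3 documents log delivery as working only with SSE-S3 default encryption on the destination,
 * so the `aws:kms` default from step 2 may block delivery to it. Confirm against the caller.
 * NOTE(review): buckets created with ACLs disabled (Object Ownership `BucketOwnerEnforced`)
 * reject `putBucketAcl`, so step 3 may fail unless ACLs are enabled for this bucket. Confirm.
 *
 * @param bucketName - Name of the bucket to create.
 * @param bucketRegion - Region the bucket is created in; also used for the S3 client.
 * @param loggingBucketName - Optional destination bucket for server access logs.
 * @param loggingPrefix - Optional key prefix for the access logs; an empty value disables step 5.
 * @returns `Success` with the bucket name, or `Failed` with the error message. Never rejects.
 */
async function createBucketInSecondaryRegion(bucketName: string, bucketRegion: string, loggingBucketName?: string, loggingPrefix?: string): Promise<CompletionStatus> {
  try {
    const s3 = new AWS.S3({ region: bucketRegion });

    // us-east-1 is the one region where createBucket must not carry a LocationConstraint.
    // Building the object in one expression avoids assigning an undeclared key afterwards.
    const createBucketParams = bucketRegion === 'us-east-1'
      ? { Bucket: bucketName }
      : { Bucket: bucketName, CreateBucketConfiguration: { LocationConstraint: bucketRegion } };

    console.log(`Creating bucket: ${JSON.stringify(createBucketParams)}`);
    await s3.createBucket(createBucketParams).promise();
    console.log(`Bucket created: ${JSON.stringify(createBucketParams)}`);

    const putBucketEncryptionParams = {
      Bucket: bucketName,
      ServerSideEncryptionConfiguration: {
        Rules: [
          {
            ApplyServerSideEncryptionByDefault: {
              SSEAlgorithm: 'aws:kms'
            }
          }
        ]
      }
    };
    console.log(`Putting bucket encryption: ${JSON.stringify(putBucketEncryptionParams)}`);
    await s3.putBucketEncryption(putBucketEncryptionParams).promise();
    console.log(`Bucket encryption placed: ${JSON.stringify(putBucketEncryptionParams)}`);

    if (!loggingBucketName) {
      // Lets the S3 log delivery group write into this bucket.
      const putBucketAclParams = {
        Bucket: bucketName,
        ACL: 'log-delivery-write'
      };
      console.log(`Putting bucket ACL: ${JSON.stringify(putBucketAclParams)}`);
      await s3.putBucketAcl(putBucketAclParams).promise();
      console.log(`Bucket ACL placed: ${JSON.stringify(putBucketAclParams)}`);
    }

    const putPublicAccessBlockParams = {
      Bucket: bucketName,
      PublicAccessBlockConfiguration: {
        BlockPublicAcls: true,
        BlockPublicPolicy: true,
        IgnorePublicAcls: true,
        RestrictPublicBuckets: true
      }
    };
    console.log(`Putting public access block: ${JSON.stringify(putPublicAccessBlockParams)}`);
    await s3.putPublicAccessBlock(putPublicAccessBlockParams).promise();
    console.log(`Public access block placed: ${JSON.stringify(putPublicAccessBlockParams)}`);

    if (loggingBucketName && loggingPrefix) {
      const putBucketLoggingParams = {
        Bucket: bucketName,
        BucketLoggingStatus: {
          LoggingEnabled: {
            TargetBucket: loggingBucketName,
            TargetPrefix: loggingPrefix
          }
        }
      };
      console.log(`Putting bucket logging: ${JSON.stringify(putBucketLoggingParams)}`);
      await s3.putBucketLogging(putBucketLoggingParams).promise();
      console.log(`Bucket logging placed: ${JSON.stringify(putBucketLoggingParams)}`);
    } else if (loggingBucketName) {
      // Previously this case was skipped without a trace, leaving the bucket with no access
      // logging and nothing in the logs to explain why. Behaviour is unchanged; it is now visible.
      console.log(`Bucket logging NOT configured for ${bucketName}: loggingBucketName was given without a non-empty loggingPrefix`);
    }

    return {
      Status: StatusTypes.Success,
      Data: { BucketName: bucketName }
    };
  } catch (error) {
    console.log(error);
    // A thrown value is not guaranteed to be an Error; narrow before reading `.message`
    // so the failure path itself cannot throw.
    const message = error instanceof Error ? error.message : String(error);
    return {
      Status: StatusTypes.Failed,
      Data: message
    };
  }
}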