in Runtime/Core/BucketManagement/BucketStore.cs [36:185]
/// <summary>
/// Creates the bootstrap bucket named in <paramref name="request"/>, enables versioning,
/// SSE-S3 (AES256) default encryption and server access logging on it, and creates a
/// companion "&lt;bucket&gt;-log" bucket (with a bucket policy) that receives the access logs.
/// </summary>
/// <param name="request">Supplies BucketName, Region and AccountId for the buckets and the log-bucket policy.</param>
/// <returns>
/// <c>Response.Ok</c> when every step succeeds. <c>Response.Fail</c> carrying the validation error code when
/// <c>Validate</c> rejects the request, or <c>ErrorCode.AwsError</c> plus the HTTP status when an S3 call
/// returns an unexpected status. Exceptions are logged and converted by <c>HandleAwsException</c>.
/// </returns>
/// <remarks>
/// The steps run in sequence and nothing in this method undoes earlier steps: a failure part-way through
/// returns immediately and leaves whatever was already created (for example a bootstrap bucket without
/// access logging) in place.
/// </remarks>
public CreateBucketResponse CreateBucket(CreateBucketRequest request)
{
    ValidationResult validation = Validate(request);
    if (!validation.IsValid)
    {
        var rejected = new CreateBucketResponse
        {
            ErrorCode = validation.ErrorCode
        };
        return Response.Fail(rejected);
    }

    // Every unexpected S3 status is reported the same way: AwsError plus the bare HTTP status code.
    Func<HttpStatusCode, CreateBucketResponse> awsFailure = status => Response.Fail(new CreateBucketResponse()
    {
        ErrorCode = ErrorCode.AwsError,
        ErrorMessage = $"HTTP Status Code {status}"
    });

    try
    {
        // Step 1: create the bootstrap bucket.
        var createBootstrap = new PutBucketRequest
        {
            BucketName = request.BucketName,
            BucketRegionName = request.Region,
        };
        PutBucketResponse bootstrapCreated = _amazonS3Wrapper.PutBucket(createBootstrap);
        if (bootstrapCreated.HttpStatusCode != HttpStatusCode.OK)
        {
            return awsFailure(bootstrapCreated.HttpStatusCode);
        }

        // TODO (#17): Allow users to toggle audit-logging, versioning and encryption on bootstrap bucket

        // Step 2: turn on versioning for the bootstrap bucket.
        var versioningConfig = new S3BucketVersioningConfig
        {
            Status = VersionStatus.Enabled
        };
        PutBucketVersioningResponse versioningEnabled = _amazonS3Wrapper.PutBucketVersioning(new PutBucketVersioningRequest
        {
            BucketName = request.BucketName,
            VersioningConfig = versioningConfig
        });
        if (versioningEnabled.HttpStatusCode != HttpStatusCode.OK)
        {
            return awsFailure(versioningEnabled.HttpStatusCode);
        }

        // Step 3: default server-side encryption (AES256) for the bootstrap bucket.
        var encryptByDefault = new ServerSideEncryptionByDefault
        {
            ServerSideEncryptionAlgorithm = ServerSideEncryptionMethod.AES256
        };
        var encryptionRules = new List<ServerSideEncryptionRule>
        {
            new ServerSideEncryptionRule
            {
                ServerSideEncryptionByDefault = encryptByDefault
            }
        };
        PutBucketEncryptionResponse encryptionEnabled = _amazonS3Wrapper.PutBucketEncryption(new PutBucketEncryptionRequest
        {
            BucketName = request.BucketName,
            ServerSideEncryptionConfiguration = new ServerSideEncryptionConfiguration
            {
                ServerSideEncryptionRules = encryptionRules
            }
        });
        if (encryptionEnabled.HttpStatusCode != HttpStatusCode.OK)
        {
            return awsFailure(encryptionEnabled.HttpStatusCode);
        }

        // Step 4: create the bucket that will receive the bootstrap bucket's access logs.
        // NOTE(review): the "-log" suffix adds four characters; confirm Validate leaves room within the
        // S3 bucket-name length limit (63), otherwise the failure only appears after step 1 has succeeded.
        // NOTE(review): no versioning or default-encryption call is made for the logging bucket in this
        // method, and no public-access-block configuration is applied to either bucket here, so
        // account/service defaults apply. Confirm that is intended.
        string logBucketName = request.BucketName + "-log";
        var createLogBucket = new PutBucketRequest
        {
            BucketName = logBucketName,
            BucketRegionName = request.Region,
            ObjectOwnership = ObjectOwnership.BucketOwnerPreferred
        };
        PutBucketResponse logBucketCreated = _amazonS3Wrapper.PutBucket(createLogBucket);
        if (logBucketCreated.HttpStatusCode != HttpStatusCode.OK)
        {
            return awsFailure(logBucketCreated.HttpStatusCode);
        }

        // Step 5: attach the bucket policy to the logging bucket. The policy text is read from the file
        // at GetBucketPolicyPath() and its {0}..{3} placeholders are filled by plain string replacement.
        // NOTE(review): the substituted values are not escaped here; presumably Validate restricts
        // BucketName and AccountId to characters that cannot alter the policy document. Verify.
        var logPrefix = "GameLiftBootstrap";
        var policyTemplate = new FileWrapper().ReadAllText(GetBucketPolicyPath());
        var renderedPolicy = policyTemplate.Replace("{0}", logBucketName);
        renderedPolicy = renderedPolicy.Replace("{1}", logPrefix);
        renderedPolicy = renderedPolicy.Replace("{2}", request.BucketName);
        renderedPolicy = renderedPolicy.Replace("{3}", request.AccountId);

        var policyApplied = _amazonS3Wrapper.PutBucketPolicy(new PutBucketPolicyRequest()
        {
            BucketName = logBucketName,
            Policy = renderedPolicy
        });
        // Unlike the other calls, success for PutBucketPolicy is checked against 204 NoContent.
        if (policyApplied.HttpStatusCode != HttpStatusCode.NoContent)
        {
            return awsFailure(policyApplied.HttpStatusCode);
        }

        // Step 6: point the bootstrap bucket's access logging at the logging bucket.
        var loggingConfig = new S3BucketLoggingConfig
        {
            TargetBucketName = logBucketName,
            TargetPrefix = logPrefix,
        };
        PutBucketLoggingResponse loggingEnabled = _amazonS3Wrapper.PutBucketLogging(new PutBucketLoggingRequest
        {
            BucketName = request.BucketName,
            LoggingConfig = loggingConfig
        });
        if (loggingEnabled.HttpStatusCode != HttpStatusCode.OK)
        {
            return awsFailure(loggingEnabled.HttpStatusCode);
        }

        return Response.Ok(new CreateBucketResponse());
    }
    catch (Exception ex)
    {
        // Any exception from the steps above is logged, then mapped to a failure response by HandleAwsException.
        Logger.LogError(ex, ex.Message);
        return HandleAwsException(ex, () => new CreateBucketResponse());
    }
}