Create a Pulumi program for S3 backend access (Python)
Certainly, to create programmatic access to resources stored in an S3 bucket, two main resources are required in your AWS setup:
AWS S3 Bucket - A bucket is a logical unit of storage in the Amazon Web Services (AWS) object storage service, Simple Storage Service (S3). Buckets hold objects, which consist of data and its descriptive metadata.
AWS IAM User - This is an entity that you create in AWS to represent the person or application that uses it to interact with AWS. The IAM user has credentials and permissions attached to it that determine what the user can and can't do in AWS.
AWS IAM Access Key - AWS IAM access keys are primarily used for programmatic access to AWS services like adding and retrieving content in S3 buckets. They consist of an access key ID and a secret access key.
Here is a program that accomplishes this:
Remember to keep the secretAccessKey confidential! Consider managing the access keys via AWS Secrets Manager.
In this Python code, we are creating an AWS S3 bucket, an IAM user and granting the user full access to the S3 bucket via a policy. We also generate an access key pair that can be used for programmatic access (i.e., access from your code) to AWS services. The program exports the access key ID and secret at the end so you have the values handy—you'll need them for your code.
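The setup this paragraph describes, written out as an added example (not the page's original program): a bucket, an IAM user, a policy granting full S3 access to that one bucket only, and an access key whose secret is exported as a Pulumi secret. The resource names and the `bucket_access_policy` and `define_stack` helpers are assumptions made for illustration.

```python
import json
import re

# Matches a concrete bucket ARN in any AWS partition; no wildcards, no object path.
_BUCKET_ARN = re.compile(r"arn:aws[a-z-]*:s3:::[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]")


def bucket_access_policy(bucket_arn: str) -> str:
    """Return IAM policy JSON allowing every S3 action on one bucket and its objects."""
    if not _BUCKET_ARN.fullmatch(bucket_arn):
        raise ValueError(f"expected a concrete S3 bucket ARN, got {bucket_arn!r}")
    return json.dumps({
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": "s3:*",
            # The bucket ARN covers bucket-level calls, "<arn>/*" covers its objects.
            "Resource": [bucket_arn, f"{bucket_arn}/*"],
        }],
    })


def define_stack():
    # Imported here so the policy helper can be tested without the Pulumi SDK.
    import pulumi
    import pulumi_aws as aws

    # Logical names below are assumed; pick ones that fit your project.
    bucket = aws.s3.Bucket("backend-bucket")
    user = aws.iam.User("backend-user")
    aws.iam.UserPolicy(
        "backend-user-policy",
        user=user.name,
        # The ARN is only known after creation, so build the policy inside apply().
        policy=bucket.arn.apply(bucket_access_policy),
    )
    key = aws.iam.AccessKey("backend-user-key", user=user.name)

    pulumi.export("accessKeyId", key.id)
    # Marking the output secret keeps it encrypted in state and masked in CLI output.
    pulumi.export("secretAccessKey", pulumi.Output.secret(key.secret))


if __name__ == "__main__":  # Pulumi executes the program file as __main__
    define_stack()
```

Scoping `Resource` to the bucket ARN means a leaked key exposes this one bucket rather than every bucket in the account.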
Keep your secret access key confidential to protect your AWS resources!