Skip to content

Commit

Permalink
chore(deployment) : Fix sources object access
Browse files Browse the repository at this point in the history 
It seems reasonable that the Airflow DAGs would access the sources
folder and can get object properties in it.
  • Loading branch information
@vperron @vmttn
vperron authored and vmttn committed Aug 13, 2024
1 parent 35bd73b commit cc81d32
Showing 1 changed file with 15 additions and 0 deletions.
15 changes: 15 additions & 0 deletions deployment/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,21 @@ resource "scaleway_object_bucket_policy" "main" {
"${scaleway_object_bucket.main.name}/data/*",
]
},
{
Effect = "Allow",
Sid = "Grant list & read in sources/* to airflow",
Principal = {
SCW = ["application_id:${var.airflow_application_id}"]
},
Action = [
"s3:ListBucket",
"s3:GetObject"
],
Resource = [
"${scaleway_object_bucket.main.name}",
"${scaleway_object_bucket.main.name}/sources/*",
]
},
{
Effect = "Allow",
Sid = "Grant list & read in data/marts/* to the api",
Expand Down

0 comments on commit cc81d32

Please sign in to comment.