Skip to content

Commit

Permalink
Merge pull request #101 from nationalarchives/fix/additional-credenti…
Browse files Browse the repository at this point in the history 
…als-for-invalidation

Use specific AWS credentials for cloudfront invalidation
  • Loading branch information
@Floppy
Floppy authored Apr 22, 2022
2 parents 7794e44 + 9f05119 commit 9b71da3
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 9 deletions.
3 changes: 3 additions & 0 deletions .env.example
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,3 +11,6 @@ PRIVATE_ASSET_BUCKET=
AWS_ACCESS_KEY_ID=
AWS_SECRET_KEY=
AWS_ENDPOINT_URL=
CLOUDFRONT_INVALIDATION_ACCESS_KEY_ID=
CLOUDFRONT_INVALIDATION_ACCESS_SECRET=
CLOUDFRONT_PUBLIC_DISTRIBUTION_ID=
19 changes: 10 additions & 9 deletions judgments/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -299,7 +299,13 @@ def unpublish_documents(uri: str) -> None:


def invalidate_caches(uri: str) -> None:
cloudfront = aws_session().client("cloudfront")
aws = boto3.session.Session(
aws_access_key_id=env("CLOUDFRONT_INVALIDATION_ACCESS_KEY_ID", default=None),
aws_secret_access_key=env(
"CLOUDFRONT_INVALIDATION_ACCESS_SECRET", default=None
),
)
cloudfront = aws.client("cloudfront")
cloudfront.create_invalidation(
DistributionId=env("CLOUDFRONT_PUBLIC_DISTRIBUTION_ID"),
InvalidationBatch={
Expand All @@ -309,14 +315,9 @@ def invalidate_caches(uri: str) -> None:
)


def aws_session():
return boto3.session.Session(
def create_s3_client():
aws = boto3.session.Session(
aws_access_key_id=env("AWS_ACCESS_KEY_ID", default=None),
aws_secret_access_key=env("AWS_SECRET_KEY", default=None),
)


def create_s3_client():
return aws_session().client(
"s3", endpoint_url=env("AWS_ENDPOINT_URL", default=None)
)
return aws.client("s3", endpoint_url=env("AWS_ENDPOINT_URL", default=None))

0 comments on commit 9b71da3

Please sign in to comment.