Find Jobs
Hire Freelancers

PoC: S3 Bucket Policy creation using Lambda and SNS

$250-750 USD

Concluído
Publicado há quase 7 anos

$250-750 USD

Pago na entrega
We are working on a multi-account approach to CodePipeline for CI/CD use. As a part of this effort, we have already completed CloudFormation templates to provision CodePipeline in each account and created Lambda functions within the master account to ship a branch snapshot from CodeCommit to an S3 Bucket on the remote account whenever new git activity is detected. The next step in the process is to improve the security by only allowing the Role ARN of the Lambda in the Main Account to be able to push objects into the S3 buckets on the destination account. We conceive that the best way to do this is to use JSON messages over SNS to request/exchange the Role ARN, and then update the bucket policy when a change to the ARN is received over this topic. What we are looking for is someone to build a Proof-of-Concept for this use case, creating two CloudFormation templates to do the following: CloudFormation for Account #1: * Create SNS Topic * Create Lambda with SNS trigger which listens for a JSON payload with a key of "RequestMaster" in it, responding to the same SNS Topic with a JSON key of "S3InvokeARN" and value of a Lambda Role ARN. * Subscribe SNS Lambda to the SNS Topic * Create CloudWatch event that executes every 30m. * Create Lambda triggered on that event which broadcasts a JSON key of "S3InvokeARN" and value of a Lambda Role ARN. CloudFormation for Account #2: * Create S3 Bucket * Create S3 Bucket Policy * Create Lambda with SNS trigger which listens for a JSON payload with a key of "S3InvokeARN" in it, using the value of that to compare to the current ARN in the active S3 Bucket Policy. If the new ARN in the value of the payload is different, replace the current S3 Bucket Policy with one which grants S3:PutObject and S3:PutObjectACL to the ARN indicated by the payload (only allows the role specified to push objects into the S3 Bucket). * Subscribe Lambda to the SNS Topic in Account #1 (okay to pass as a CloudFormation parameter the user has to enter) Bonus Objective: * Devise a way to publish a "RequestMaster" JSON payload to the SNS Topic in Account #1 when the CloudFormation in Account #2 successfully completes. For further clarification, see the attached PDF. The "greyed" portion up top shows the notion we have already implemented, to help with context and understanding. The bottom portion diagrams the flows I am referring to above to clarify the scope of work. Deliverables: * Minimum of two Cloud Formation templates standing up the capabilities outlined above. * Directions for any other resources you created to support the POC (such as mock items representing resources in the "grey diagram"), so we can reproduce them when we validate your work. Requirements: * Cloud Formation templates should be done in YAML (or converted to YAML and tested prior to delivery) * Lambda can be done in any language of choice, but Python or Node.js are preferred. * Where possible for the lambdas (when under 4096 characters), we would like them to be included inline within the Cloud Formation templates (Using "Code:", "Zipfile: |" approach) * Please bid only if you have availability to work on this in the next few days
ID do Projeto: 13579268

Sobre o projeto

10 propostas
Projeto remoto
Ativo há 7 anos

Quer ganhar algum dinheiro?

Benefícios de ofertar no Freelancer

Defina seu orçamento e seu prazo
Seja pago pelo seu trabalho
Descreva sua proposta
É grátis para se inscrever e fazer ofertas em trabalhos
Concedido a:
Avatar do Usuário
Hi i am a software engineer with cloud computing specialty. I have been working on AWS for last 2 years. I have following expertise in AWS services 1. EC2 configuration from console and using java sdk/python boto3 2. EMR configuration and automation through java/python script 3. Data pipeline and productionalize through java/python script 4. Big data processing using Sqoop for data movement from RDS to EMR HDFS and then to S3 after that using copy command to move to REDSHFIT 5. IAM rules configuration 6. CloudFormation [login to view URL] 8. Looker/Tableu reporting tools I am currently working on a big data project using AWS services. I also have good understanding of Agile development and JIRA. I have used tools like JIRA, Jenkins for many projects. You will find me according to your expectations if you give me an opportunity to do this job for you, looking forward for your response Thanks
$500 USD em 10 dias
5,0 (20 avaliações)
5,1
5,1
10 freelancers estão ofertando em média $631 USD for esse trabalho
Avatar do Usuário
Bid Summmary Why not directly create an Account #2 IAM user that has only access to changing/listing bucket policies. Even with this approach you'll need Access & Secret Keys for Account #2 in order to invoke SNS Relevant Experience AWS Design: https://www.freelancer.com/projects/Amazon-Web-Services/AWS-Design/
$555 USD em 10 dias
4,9 (64 avaliações)
6,6
6,6
Avatar do Usuário
Bid Summmary Had 5+ years of experience in AWS and Linux Relevant Experience Amazon Web Services: Lambda, API Gateway, EC2, Load Balancers, RDS, Elastic Beanstalk, Elastic File System, IAM, VPC, Security Groups, Cloud Formation,, S3, CLoudFront, Redshift, Route 53, Cloud Watch, Kinesis, SNS, SQS and etc. Advertising Technologies: Facebook Graph API's, FB Website Custom Audience, FB Dynamic Product Ads, Real Time Bidding, Retargeting Ads. Programming Languages: C, C++, Java, Go Big Data Technologies: Kafka, Flume, Pig, Memsql, Aerospike, Redis, MemCache and etc. Miscellaneous: Algorithms, Data Structures, Distributed Systems, Operating Systems Databases: Oracle, MySQL, Operating Systems: Windows, Linux, Ubuntu and etc. Web Technologies: HTML, PHP Code Deployments: Puppet, Docker Monitoring: Nagios, Ganglia:
$833 USD em 0 dia
5,0 (32 avaliações)
5,6
5,6
Avatar do Usuário
Hey there, Thank you for your invitation. I've got extensive experience with Amazon AWS, Google Cloud and other cloud platforms. You can confirm this by checking out my profile page, you will see lots of AWS related projects. I'm well versed in Linux System Administration and top 5% of Linux expert here. I've worked with almost all of the Amazonn AWS services including Lambda, DynamoDB, CodeDeploy, ElasticBeanstalk, Elastic Load Balancer (ELB) in order to provide high availability with Scaling groups in order to load new instances whenever certain parameter metrics match. Further more, I've done deployments with LAMP/Ruby stack as well as Docker. I've also used puppet/chef and git for deployments. I've close to 200 projects completed here and I'm very experienced in what I do. So I'm perfectly suitable for this kind of job. Please feel free to ask if you've any questions. Thanks
$699 USD em 15 dias
4,8 (54 avaliações)
5,7
5,7
Avatar do Usuário
Hi Modokt, I am competitive to this kind of task, can take good care of this project. In fact, I already done related to this job before. Let me know the best of your time so we can discuss further based on your requirements and we can move forward to the next step. Thanks, Joseph C Ocero
$749 USD em 30 dias
4,8 (19 avaliações)
4,8
4,8
Avatar do Usuário
Hi, my name is Mike, I’m based in Oxford, UK. Your project description sounds interesting to me and I do have skills & experience that are required to complete it to a high standard. I can show you some examples of my work that are similar to this. Let me know when you’re available to go through it in more details.
$555 USD em 10 dias
5,0 (1 avaliação)
3,2
3,2
Avatar do Usuário
Dear Prospective Client, As based on my initial review I can confirm its feasibility & as I am great fit technically and have good understanding of the domain & your requirement & would submit a detailed response soon. After completing discussion your requirements, i will provide you live prototypes, Designs, SRS and FRS Document. Meanwhile I would really appreciate it if you can initiate the PERSONAL MESSAGE BOARD so that we can connect with each other. Thanks
$555 USD em 10 dias
5,0 (1 avaliação)
0,0
0,0
Avatar do Usuário
Hey, how is it going today? My name is Michael, I'm a web designer/developer from Boston. I've had a look at your project description and feel that my skills match your requirements perfectly. In fact, I did a very similar project recently which I can share with you. Let me know when you have a minute to discuss.
$555 USD em 10 dias
0,0 (0 avaliações)
0,0
0,0

Sobre o cliente

Bandeira do(a) UNITED STATES
Richardson, United States
5,0
1
Método de pagamento verificado
Membro desde mar. 31, 2017

Verificação do Cliente

Obrigado! Te enviamos um link por e-mail para que você possa reivindicar seu crédito gratuito.
Algo deu errado ao enviar seu e-mail. Por favor, tente novamente.
Usuários Registrados Total de Trabalhos Publicados
Freelancer ® is a registered Trademark of Freelancer Technology Pty Limited (ACN 142 189 759)
Copyright © 2024 Freelancer Technology Pty Limited (ACN 142 189 759)
Carregando pré-visualização
Permissão concedida para Geolocalização.
Sua sessão expirou e você foi desconectado. Por favor, faça login novamente.