h1. Request Details
h2. Background
Currently TAP for Accommodation Pricing Operations using custom logging for activity log. Since TAP application will be scheduled for decommission and AINOPS as replacement for Accommodation Pricing Operations part which is use Activity Logging Service, we need bucket to store all the data changes and activity from this service, and this bucket should be implemented before we fully migrate from TAP as well. This request intended to complete previous new stack request :
https://29022131.atlassian.net/servicedesk/customer/portal/11/TOSD-4013
h2. Purpose
This bucket used for storing all data changes and activity by accommodation pricing operations using activity logging service
h2. Impact
This dedicated storage could help us to track our historical changes and activity, notification and production issue if necessary
h2. Risk
None
h2. Resources
h3. S3 Bucket
h4. Configuration
{code}
bucket = "ainops-activitylog-715824975366-<random_id>"
acl = "private"
region = "ap-southeast-1"
tags = {
Service = "ainops"
ProductDomain = "ain"
Environment = "production"
Description = "Accommodation Pricing Operations activity log bucket"
}
versioning = {
enabled = true
}
{code}
h3. S3 Bucket Policy
{code}
sid = "ainops-activitylog_read_write"
effect = "Allow"
actions = [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
]
identifiers = []
resources = ["arn:aws:s3:::ainops-activitylog-715824975366-<random_id>/*"]
principal = ["arn:aws:iam::715824975366:role/profile-ainops-app"]
sid = "ainops-activitylog_listbucket"
effect = "Allow"
actions = ["s3:ListBucket"]
identifiers = []
resources = ["arn:aws:s3:::ainops-activitylog-715824975366-<random_id>"]
principal = ["arn:aws:iam::715824975366:role/profile-ainops-app"]
{code}