Merge pull request kubernetes#5696 from pkprzekwas/k8s-infra-kops-sca…

…le-tests-bucket

Adding k8s-infra-kops-scale-tests bucket with public read

infra/aws/terraform/s3/k8s-infra-e2e-boskos-scale-001/.gitignore

@@ -0,0 +1,21 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+*.tfplan
+
+# Crash log files
+crash.log
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc

infra/aws/terraform/s3/k8s-infra-e2e-boskos-scale-001/bucket.tf

@@ -0,0 +1,65 @@
+/*
+Copyright 2022 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+resource "aws_s3_bucket" "k8s_infra_kops_scale_tests" {
+  bucket = "k8s-infra-kops-scale-tests"
+}
+
+resource "aws_s3_bucket_public_access_block" "k8s_infra_kops_scale_tests" {
+  bucket = aws_s3_bucket.k8s_infra_kops_scale_tests.id
+
+  block_public_acls       = false
+  block_public_policy     = false
+  ignore_public_acls      = false
+  restrict_public_buckets = false
+}
+
+resource "aws_s3_bucket_policy" "k8s_infra_kops_scale_tests" {
+  bucket = aws_s3_bucket.k8s_infra_kops_scale_tests.id
+
+  depends_on = [aws_s3_bucket_public_access_block.k8s_infra_kops_scale_tests]
+
+  policy = jsonencode({
+    "Id" : "Public-Access",
+    "Version" : "2012-10-17",
+    "Statement" : [
+      {
+        "Action" : "s3:ListBucket",
+        "Effect" : "Allow",
+        "Resource" : "${aws_s3_bucket.k8s_infra_kops_scale_tests.arn}",
+        "Principal" : "*"
+      },
+      {
+        "Action" : "s3:GetObject",
+        "Effect" : "Allow",
+        "Resource" : "${aws_s3_bucket.k8s_infra_kops_scale_tests.arn}/*",
+        "Principal" : "*"
+      },
+      {
+        "Sid" : "RequireTLSForObjectAccess",
+        "Action" : "s3:*",
+        "Effect" : "Deny",
+        "Resource" : "${aws_s3_bucket.k8s_infra_kops_scale_tests.arn}/*",
+        "Condition" : {
+          "Bool" : {
+            "aws:SecureTransport" : "false"
+          }
+        },
+        "Principal" : "*"
+      }
+    ]
+  })
+}

infra/aws/terraform/s3/k8s-infra-e2e-boskos-scale-001/providers.tf

@@ -0,0 +1,33 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+terraform {
+  backend "s3" {
+    bucket = "k8s-infra-kops-scale-tests-tf-state"
+    region = "us-east-2"
+    key    = "s3/k8s-infra-kops-scale-tests/terraform.tfstate"
+  }
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.0"
+    }
+  }
+}
+
+provider "aws" {
+  region = "us-east-2"
+}