Create CDN endpoints and S3 buckets for remote new tab page

RESOLVED FIXED

Status

()

Firefox
New Tab Page
P1
normal
RESOLVED FIXED
2 years ago
10 days ago

People

(Reporter: oyiptong, Assigned: mostlygeek)

Tracking

47 Branch
Points:
---

Firefox Tracking Flags

(firefox47 affected)

Details

(Reporter)

Description

2 years ago
Please create CDN endpoints for remote firefox content.

They should be:

content.cdn.mozilla.net and content-stage.cdn.mozilla.net

Please setup corresponding S3 buckets for upload as well.

The stage S3 bucket should be write-accessible by:

oyiptong, emtwo, ursula, r1cky, k88hudson, nanj and marcosc
(Assignee)

Comment 1

2 years ago
> The stage S3 bucket should be write-accessible by: oyiptong, emtwo, ursula, r1cky, k88hudson, nanj and marcosc

Does this work for you:

DEV and STAGE are separate AWS accounts. Developer's don't have access to the STAGE account. I can create the s3 bucket in DEV then anybody with a DEV account will have access. 

The nginx rewrite proxy can be in stage.
(Assignee)

Comment 2

2 years ago
Also this is the data flow design: 

CDN => NGINX => S3

Each part is accessible via HTTPS so it shouldn't matter where each part lives. 

For production we'll put everything in one account to limit access and improve security.
(Reporter)

Comment 3

2 years ago
(In reply to Benson Wong [:mostlygeek] from comment #1)
> > The stage S3 bucket should be write-accessible by: oyiptong, emtwo, ursula, r1cky, k88hudson, nanj and marcosc
> 
> Does this work for you:
> 
> DEV and STAGE are separate AWS accounts. Developer's don't have access to
> the STAGE account. I can create the s3 bucket in DEV then anybody with a DEV
> account will have access. 

Works for me
(Reporter)

Comment 4

2 years ago
(In reply to Benson Wong [:mostlygeek] from comment #2)
> Also this is the data flow design: 
> 
> CDN => NGINX => S3
> 
> Each part is accessible via HTTPS so it shouldn't matter where each part
> lives. 
> 
> For production we'll put everything in one account to limit access and
> improve security.

Sounds good
(Reporter)

Comment 5

2 years ago
:mostlygeek, I'm looking over my notes and we originally said that staging will be at:

https://content-cdn.stage.mozaws.net

Is that still the case?
(Assignee)

Comment 6

2 years ago
Yes that's right. The bug's description is wrong, the endpoints should be: 

prod : content.cdn.mozilla.net
stage: content-cdn.stage.mozaws.net
(Assignee)

Updated

10 days ago
Status: NEW → RESOLVED
Last Resolved: 10 days ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.