fix: ensure all SQS actions use SSL (#141)

* fix: ensure all SQS actions use SSL * docs: update increase security readme example * chore: self mutation Signed-off-by: github-actions <[email protected]> --------- Signed-off-by: github-actions <[email protected]> Co-authored-by: github-actions <[email protected]>
jetbridge · Oct 2, 2023 · c41e1d1 · c41e1d1
1 parent 60da6e2
commit c41e1d1
Show file tree

Hide file tree

Showing 3 changed files with 1 addition and 19 deletions.
diff --git a/API.md b/API.md
diff --git a/README.md b/README.md
@@ -57,15 +57,6 @@ export class UiStack {
     new Nextjs(this, "NextSite", {
       nextjsPath: "...",
       defaults: {
-        assetDeployment: {
-          bucket: new Bucket(this, "NextjsAssetDeploymentBucket", {
-            autoDeleteObjects: true,
-            removalPolicy: RemovalPolicy.DESTROY,
-            encryption: BucketEncryption.S3_MANAGED,
-            enforceSSL: true,
-            blockPublicAccess: BlockPublicAccess.BLOCK_ALL,
-          }),
-        },
         distribution: {
           functionUrlAuthType: FunctionUrlAuthType.AWS_IAM,
           cdk: {

diff --git a/src/NextjsRevalidation.ts b/src/NextjsRevalidation.ts
@@ -62,7 +62,7 @@ export class NextjsRevalidation extends Construct {
     queue.addToResourcePolicy(
       new PolicyStatement({
         sid: 'DenyUnsecureTransport',
-        actions: ['sqs:SendMessage', 'sqs:ReceiveMessage'],
+        actions: ['sqs:*'],
         effect: Effect.DENY,
         principals: [new AnyPrincipal()],
         resources: [queue.queueArn],