From f1a0d700e11c5fbc974cef65f13319bb6e92c2ea Mon Sep 17 00:00:00 2001
From: Felix <23635466+its-felix@users.noreply.github.com>
Date: Sat, 4 May 2024 04:00:12 +0200
Subject: [PATCH] enable cf permissions again

---
 cdk/lib/constructs/ui-resources-construct.ts | 2 ++
 cdk/lib/stacks/website-stack.ts              | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/cdk/lib/constructs/ui-resources-construct.ts b/cdk/lib/constructs/ui-resources-construct.ts
index f56ce30..7cb4d13 100644
--- a/cdk/lib/constructs/ui-resources-construct.ts
+++ b/cdk/lib/constructs/ui-resources-construct.ts
@@ -35,6 +35,7 @@ export class UIResourcesConstruct extends Construct {
 
   private grantReadInternal(distributionArn: string): void {
     this.bucket.addToResourcePolicy(new PolicyStatement({
+      sid: 'AllowCloudFrontServicePrincipalGet',
       effect: Effect.ALLOW,
       actions: ['s3:GetObject'],
       principals: [new ServicePrincipal('cloudfront')],
@@ -43,6 +44,7 @@ export class UIResourcesConstruct extends Construct {
     }));
 
     this.bucket.addToResourcePolicy(new PolicyStatement({
+      sid: 'AllowCloudFrontServicePrincipalList',
       effect: Effect.ALLOW,
       actions: ['s3:ListBucket'],
       principals: [new ServicePrincipal('cloudfront')],
diff --git a/cdk/lib/stacks/website-stack.ts b/cdk/lib/stacks/website-stack.ts
index 8fc6653..159bca7 100644
--- a/cdk/lib/stacks/website-stack.ts
+++ b/cdk/lib/stacks/website-stack.ts
@@ -34,7 +34,7 @@ export class WebsiteStack extends cdk.Stack {
       apiLambdaFunctionURL: api.functionURL,
     });
 
-    // uiResources.grantRead(cf.distribution);
+    uiResources.grantRead(cf.distribution);
     uiResources.deployResourcesZip(props.uiResourcesZipPath, cf.distribution);
 
     this.distribution = cf.distribution;