We need to be able to view the Open API Specification 3 (OAS3) documentation via swagger-ui and via a confluence plugin. As a result, I have had to set up a few systems to allow this to happen.

I have already set up an S3 bucket that is connected to jenkins to allow the upload of files to an S3 bucket: connecting bitbucket to jenkins and I have also set up an EC2 with swagger running on it: Installing swagger ui on EC2. Now I need to allow access from several IPs

Set up S3 Bucket policy

Navigate to your S3 bucket via your AWS account and navigate to the permissions tab:

02 S3 bucket policy

Setup your bucket policy. Below is an example config that represents the one I used:

{
    "Version": "2018-04-10",
    "Id": "Policy1516185685583",
    "Statement": [

        {
            "Sid": "AllowSwagger",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::test-bucket-name/swagger/*",
            "Condition": {
                "IpAddress": {
                    "aws:SourceIp": [
                        "0.0.0.0/32",
                        "1.1.1.1/32",
                        "2.2.2.2/32",
                        "3.3.3.3/32",
                        "4.4.4.4/32"
                    ]
                }
            }
        }
    ]
}

This example will allow access to the S3 bucket directory named “swagger” (and everything underneath it on account of the wildcard) for the IP addresses listed. We had to list all of the IPs for our office and for our confluence wiki as the browser is making the request to the S3 bucket rather than the EC2 instance with swagger running.

We also need to allow the CORs headers as this is a requirement for swagger-ui and for the confluence plugin.

02 CORs headers

We should now be able to see our API specs via the domain specified on our EC2 instance.