Problem
Engineering oncall is often asked to manually remove objects from S3 and invalidate them in CloudFront. This should be something the Isomer Admin team can do themselves from Studio, under God mode, without a deploy or AWS console runbook.
Proposed solution
Add a self-serve flow in Studio God mode that:
- Accepts one path at a time (no batch in v1).
- Runs the same operations as the current manual process: delete from the assets S3 bucket and create a CloudFront invalidation for that path.
Reference implementation (today’s manual script): tooling/s3/remove/remove.sh — dry run / delete loop against the bucket, then aws cloudfront create-invalidation with the path(s). Product logic should mirror this (bucket, distribution, path semantics), with secrets/config handled appropriately for the app environment.
Acceptance criteria
- Single item input — User submits one asset path per action (no multi-row / bulk upload in v1).
- Input format — User enters the object key in the form
/SITE_ID/UUID only (leading slash, site id segment, UUID segment). Do not require or parse full URLs, query strings, or file extensions; this avoids confusion with URL encoding and duplicate “same file, different encoding” issues. If the user pastes more than needed, validation should normalize or reject clearly (product decision), but the canonical accepted shape is /SITE_ID/UUID.
- Validation — The
/SITE_ID/UUID shape is enforced in both the frontend and the backend (never trust client-only checks).
- Loading / completion — After submit, the UI stays in a loading / in-progress state until both steps finish: S3 removal and CloudFront invalidation (these can take a noticeable amount of time; no premature “success” after only one step).
- UI / polish — Visual polish is not the priority for v1. Reuse the same OGP design system and patterns as other God mode features; functional correctness and safe ops matter more than bespoke UI.
Notes / constraints
- CloudFront invalidation is priced per path; keeping one path per action aligns with controlled cost and matches the “one item at a time” requirement.
- Backend should use the same bucket and distribution semantics as production assets removal today (see script); wire IDs via config/secrets as appropriate for Studio’s environment.
Problem
Engineering oncall is often asked to manually remove objects from S3 and invalidate them in CloudFront. This should be something the Isomer Admin team can do themselves from Studio, under God mode, without a deploy or AWS console runbook.
Proposed solution
Add a self-serve flow in Studio God mode that:
Reference implementation (today’s manual script):
tooling/s3/remove/remove.sh— dry run / delete loop against the bucket, thenaws cloudfront create-invalidationwith the path(s). Product logic should mirror this (bucket, distribution, path semantics), with secrets/config handled appropriately for the app environment.Acceptance criteria
/SITE_ID/UUIDonly (leading slash, site id segment, UUID segment). Do not require or parse full URLs, query strings, or file extensions; this avoids confusion with URL encoding and duplicate “same file, different encoding” issues. If the user pastes more than needed, validation should normalize or reject clearly (product decision), but the canonical accepted shape is/SITE_ID/UUID./SITE_ID/UUIDshape is enforced in both the frontend and the backend (never trust client-only checks).Notes / constraints