AWS/CloudFormation
From r00tedvw.com wiki
Revision as of 17:23, 4 December 2019
Template Examples
S3 Bucket
Here is a CloudFormation template (in YAML) that I used to create an S3 bucket with the following requirements:
- Public Read
- 7-day retention policy
- Bucket Policy allowing access to all resources.
- Export the S3 bucket name, Secure URL, and Website URL for usage in other templates.

AWSTemplateFormatVersion: 2010-09-09

Parameters:
  BranchName:
    Description: Branch Name
    Type: String

Resources:

  S3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      # Canned ACL: the AllUsers group gets READ on the bucket
      AccessControl: PublicRead
      LifecycleConfiguration:
        Rules:
          # Objects expire 7 days after creation
          - Status: Enabled
            ExpirationInDays: 7
      WebsiteConfiguration:
        IndexDocument: index.html

  S3BucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket:
        Ref: S3Bucket
      PolicyDocument:
        Statement:
          # Anonymous s3:GetObject on every object in the bucket
          - Sid: AddPerm
            Effect: 'Allow'
            Principal: '*'
            Action:
              - 's3:GetObject'
            Resource:
              Fn::Join:
                - ''
                - - 'arn:aws:s3:::'
                  - Ref: 'S3Bucket'
                  - '/**'

Outputs:
  S3BucketName:
    Value:
      Ref: S3Bucket
    Description: The S3 bucket name
    Export:
      Name:
        Fn::Sub: ${AWS::StackName}-S3BucketName

  S3BucketSecureURL:
    Value:
      # https:// so that the "secure" URL is actually served over TLS
      Fn::Join: ['', ['https://', !GetAtt [S3Bucket, DomainName]]]
    Description: Name of S3 bucket to hold Tenant Management website content

  S3WebsiteURL:
    Description: Website URL of the S3 Bucket
    # WebsiteURL starts with a scheme; keep only the host part after "//"
    Value: !Select [1, !Split ["//", !GetAtt S3Bucket.WebsiteURL]]
    Export:
      Name: !Sub "${AWS::StackName}-S3WebsiteURL"
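
A template like the one above makes the bucket public in two separate places: the canned ACL and the bucket policy. The following is an added example, not part of the original page: a small static check that reports both. TEMPLATE is a constructed JSON-form reduction of the page's two resources, and the function names are hypothetical.

```python
# Added example: static check for anonymous S3 exposure in a CloudFormation template.
# TEMPLATE is a constructed JSON-form reduction of the page's two resources.
PUBLIC_ACLS = {"PublicRead", "PublicReadWrite"}
TEMPLATE = {"Resources": {
    "S3Bucket": {"Type": "AWS::S3::Bucket",
                 "Properties": {"AccessControl": "PublicRead"}},
    "S3BucketPolicy": {"Type": "AWS::S3::BucketPolicy", "Properties": {
        "Bucket": {"Ref": "S3Bucket"},
        "PolicyDocument": {"Statement": [{
            "Sid": "AddPerm", "Effect": "Allow", "Principal": "*",
            "Action": ["s3:GetObject"],
            "Resource": {"Fn::Join": ["", ["arn:aws:s3:::", {"Ref": "S3Bucket"}, "/**"]]},
        }]}}},
}}


def as_list(value):
    """Policy fields may hold a single value or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def is_anonymous(principal):
    """True for Principal '*' and for {'AWS': '*'}, which both mean everyone."""
    if isinstance(principal, dict):
        return "*" in as_list(principal.get("AWS"))
    return principal == "*"


def find_public_exposure(template):
    """Return (logical_id, issue) pairs for public ACLs and anonymous Allow statements."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::S3::Bucket":
            acl = props.get("AccessControl")
            if isinstance(acl, str) and acl in PUBLIC_ACLS:
                findings.append((name, "public ACL " + acl))
        elif res.get("Type") == "AWS::S3::BucketPolicy":
            for stmt in as_list(props.get("PolicyDocument", {}).get("Statement")):
                # A Condition may narrow the grant, so only unconditional ones are flagged.
                if (stmt.get("Effect") == "Allow" and not stmt.get("Condition")
                        and is_anonymous(stmt.get("Principal"))):
                    actions = ",".join(map(str, as_list(stmt.get("Action"))))
                    findings.append((name, "anonymous Allow: " + actions))
    return findings


if __name__ == "__main__":
    for logical_id, issue in find_public_exposure(TEMPLATE):
        print(f"{logical_id}: {issue}")
```

Statements that carry a Condition are skipped rather than evaluated, so they still need manual review.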