Created
June 4, 2019 01:54
-
-
Save sangdongvan/3a063a9ba88747e60b574d54a6ca8560 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: 2010-09-09 | |
| Conditions: | |
| CreateCodeBuildResources: !Equals | |
| - true | |
| - true | |
| CreateWebSiteS3Bucket: !Equals | |
| - false | |
| - true | |
| Description: A Java Spring web service deployed to AWS Lambda. | |
| Metadata: | |
| AWS::CloudFormation::Interface: | |
| ParameterGroups: | |
| - Label: | |
| default: Application | |
| Parameters: | |
| - ProjectId | |
| CodeBuildImage: aws/codebuild/eb-java-8-amazonlinux-64:2.4.3 | |
| CodeBuildImageOverride: aws/codebuild/eb-java-8-amazonlinux-64:2.4.3 | |
| IsWebsite: false | |
| ProjectTemplateId: webservice-javaspring-lambda | |
| WebsiteS3Bucket: !Ref 'WebsiteS3Bucket' | |
| Parameters: | |
| ProjectId: | |
| AllowedPattern: ^[a-z]([a-z0-9-])+$ | |
| ConstraintDescription: Project IDs must be between 2 and 15 characters, begin with a letter, and only contain lowercase letters, numbers, and hyphens (-). | |
| Description: Project ID. | |
| MaxLength: 15 | |
| MinLength: 2 | |
| Type: String | |
| RepositoryName: | |
| Description: AWS CodeCommit repository name. | |
| MaxLength: 100 | |
| MinLength: 1 | |
| Type: String | |
| Resources: | |
| CloudFormationTrustRole: | |
| Description: Creating service role in IAM for AWS CloudFormation | |
| Properties: | |
| AssumeRolePolicyDocument: | |
| Statement: | |
| - Action: sts:AssumeRole | |
| Effect: Allow | |
| Principal: | |
| Service: | |
| - cloudformation.amazonaws.com | |
| Path: / | |
| Policies: | |
| - PolicyDocument: | |
| Statement: | |
| - Action: | |
| - s3:PutObject | |
| - s3:GetObject | |
| - s3:GetObjectVersion | |
| Effect: Allow | |
| Resource: | |
| - !Sub 'arn:${AWS::Partition}:s3:::${S3Bucket}' | |
| - !Sub 'arn:${AWS::Partition}:s3:::${S3Bucket}/*' | |
| - Action: | |
| - apigateway:DELETE | |
| - apigateway:GET | |
| - apigateway:PATCH | |
| - apigateway:POST | |
| - apigateway:PUT | |
| - codedeploy:CreateApplication | |
| - codedeploy:CreateDeployment | |
| - codedeploy:CreateDeploymentConfig | |
| - codedeploy:CreateDeploymentGroup | |
| - codedeploy:DeleteApplication | |
| - codedeploy:DeleteDeployment | |
| - codedeploy:DeleteDeploymentConfig | |
| - codedeploy:DeleteDeploymentGroup | |
| - codedeploy:GetDeployment | |
| - codedeploy:GetDeploymentConfig | |
| - codedeploy:GetDeploymentGroup | |
| - codedeploy:RegisterApplicationRevision | |
| - codestar:SyncResources | |
| - config:DeleteConfigRule | |
| - config:DescribeConfigRules | |
| - config:ListTagsForResource | |
| - config:PutConfigRule | |
| - config:TagResource | |
| - config:UntagResource | |
| - dynamodb:CreateTable | |
| - dynamodb:DeleteTable | |
| - dynamodb:DescribeContinuousBackups | |
| - dynamodb:DescribeTable | |
| - dynamodb:DescribeTimeToLive | |
| - dynamodb:ListTagsOfResource | |
| - dynamodb:TagResource | |
| - dynamodb:UntagResource | |
| - dynamodb:UpdateContinuousBackups | |
| - dynamodb:UpdateTable | |
| - dynamodb:UpdateTimeToLive | |
| - ec2:AssociateIamInstanceProfile | |
| - ec2:AttachVolume | |
| - ec2:CreateSecurityGroup | |
| - ec2:createTags | |
| - ec2:DescribeIamInstanceProfileAssociations | |
| - ec2:DescribeInstances | |
| - ec2:DescribeSecurityGroups | |
| - ec2:DescribeSubnets | |
| - ec2:DetachVolume | |
| - ec2:DisassociateIamInstanceProfile | |
| - ec2:ModifyInstanceAttribute | |
| - ec2:ModifyInstanceCreditSpecification | |
| - ec2:ModifyInstancePlacement | |
| - ec2:MonitorInstances | |
| - ec2:ReplaceIamInstanceProfileAssociation | |
| - ec2:RunInstances | |
| - ec2:StartInstances | |
| - ec2:StopInstances | |
| - ec2:TerminateInstances | |
| - events:DeleteRule | |
| - events:DescribeRule | |
| - events:ListTagsForResource | |
| - events:PutRule | |
| - events:PutTargets | |
| - events:RemoveTargets | |
| - events:TagResource | |
| - events:UntagResource | |
| - kinesis:AddTagsToStream | |
| - kinesis:CreateStream | |
| - kinesis:DecreaseStreamRetentionPeriod | |
| - kinesis:DeleteStream | |
| - kinesis:DescribeStream | |
| - kinesis:IncreaseStreamRetentionPeriod | |
| - kinesis:RemoveTagsFromStream | |
| - kinesis:StartStreamEncryption | |
| - kinesis:StopStreamEncryption | |
| - kinesis:UpdateShardCount | |
| - lambda:CreateAlias | |
| - lambda:CreateFunction | |
| - lambda:DeleteAlias | |
| - lambda:DeleteFunction | |
| - lambda:DeleteFunctionConcurrency | |
| - lambda:GetFunction | |
| - lambda:GetFunctionConfiguration | |
| - lambda:ListTags | |
| - lambda:ListVersionsByFunction | |
| - lambda:PublishVersion | |
| - lambda:PutFunctionConcurrency | |
| - lambda:TagResource | |
| - lambda:UntagResource | |
| - lambda:UpdateAlias | |
| - lambda:UpdateFunctionCode | |
| - lambda:UpdateFunctionConfiguration | |
| - s3:CreateBucket | |
| - s3:DeleteBucket | |
| - s3:DeleteBucketWebsite | |
| - s3:PutAccelerateConfiguration | |
| - s3:PutAnalyticsConfiguration | |
| - s3:PutBucketAcl | |
| - s3:PutBucketCORS | |
| - s3:PutBucketLogging | |
| - s3:PutBucketNotification | |
| - s3:PutBucketPublicAccessBlock | |
| - s3:PutBucketVersioning | |
| - s3:PutBucketWebsite | |
| - s3:PutEncryptionConfiguration | |
| - s3:PutInventoryConfiguration | |
| - s3:PutLifecycleConfiguration | |
| - s3:PutMetricsConfiguration | |
| - s3:PutReplicationConfiguration | |
| - sns:CreateTopic | |
| - sns:DeleteTopic | |
| - sns:GetTopicAttributes | |
| - sns:ListSubscriptionsByTopic | |
| - sns:ListTopics | |
| - sns:SetSubscriptionAttributes | |
| - sns:Subscribe | |
| - sns:Unsubscribe | |
| - sqs:CreateQueue | |
| - sqs:DeleteQueue | |
| - sqs:GetQueueAttributes | |
| - sqs:GetQueueUrl | |
| - sqs:ListQueueTags | |
| - sqs:TagQueue | |
| - sqs:UntagQueue | |
| Effect: Allow | |
| Resource: '*' | |
| - Action: | |
| - lambda:AddPermission | |
| - lambda:RemovePermission | |
| Effect: Allow | |
| Resource: | |
| - !Sub 'arn:${AWS::Partition}:lambda:${AWS::Region}:${AWS::AccountId}:function:awscodestar-*' | |
| - Action: | |
| - iam:PassRole | |
| Effect: Allow | |
| Resource: | |
| - !Sub 'arn:${AWS::Partition}:iam::${AWS::AccountId}:role/CodeStar-${ProjectId}*' | |
| - Action: | |
| - iam:PassRole | |
| Condition: | |
| StringEquals: | |
| iam:PassedToService: codedeploy.amazonaws.com | |
| Effect: Allow | |
| Resource: | |
| - !GetAtt | |
| - CodeDeployTrustRole | |
| - Arn | |
| - Action: | |
| - cloudformation:CreateChangeSet | |
| Effect: Allow | |
| Resource: | |
| - !Sub 'arn:${AWS::Partition}:cloudformation:${AWS::Region}:aws:transform/Serverless-2016-10-31' | |
| - !Sub 'arn:${AWS::Partition}:cloudformation:${AWS::Region}:aws:transform/CodeStar' | |
| - Action: | |
| - iam:CreateServiceLinkedRole | |
| - iam:GetRole | |
| - iam:DeleteRole | |
| - iam:DeleteUser | |
| Effect: Allow | |
| Resource: '*' | |
| - Action: | |
| - iam:AttachRolePolicy | |
| - iam:AttachUserPolicy | |
| - iam:CreateRole | |
| - iam:CreateUser | |
| - iam:DeleteRolePolicy | |
| - iam:DeleteUserPolicy | |
| - iam:DetachUserPolicy | |
| - iam:DetachRolePolicy | |
| - iam:PutUserPermissionsBoundary | |
| - iam:PutRolePermissionsBoundary | |
| Condition: | |
| StringEquals: | |
| iam:PermissionsBoundary: !Sub 'arn:${AWS::Partition}:iam::${AWS::AccountId}:policy/CodeStar_${ProjectId}_PermissionsBoundary' | |
| Effect: Allow | |
| Resource: '*' | |
| - Action: | |
| - kms:CreateKey | |
| - kms:CreateAlias | |
| - kms:DeleteAlias | |
| - kms:DisableKey | |
| - kms:EnableKey | |
| - kms:UpdateAlias | |
| - kms:TagResource | |
| - kms:UntagResource | |
| Effect: Allow | |
| Resource: '*' | |
| - Action: | |
| - ssm:GetParameter* | |
| Condition: | |
| StringEquals: | |
| ssm:ResourceTag/awscodestar:projectArn: !Sub 'arn:${AWS::Partition}:codestar:${AWS::Region}:${AWS::AccountId}:project/${ProjectId}' | |
| Effect: Allow | |
| Resource: '*' | |
| PolicyName: CodeStarWorkerCloudFormationRolePolicy | |
| RoleName: !Join | |
| - '-' | |
| - - CodeStarWorker | |
| - !Ref 'ProjectId' | |
| - CloudFormation | |
| Type: AWS::IAM::Role | |
| CodeBuildProject: | |
| Condition: CreateCodeBuildResources | |
| DependsOn: | |
| - ToolChainRole | |
| Properties: | |
| Artifacts: | |
| Packaging: zip | |
| Type: codepipeline | |
| Description: !Join | |
| - '' | |
| - - 'AWS CodeStar created CodeBuild Project for ' | |
| - !Ref 'ProjectId' | |
| Environment: | |
| ComputeType: small | |
| EnvironmentVariables: | |
| - Name: S3_BUCKET | |
| Value: !Ref 'S3Bucket' | |
| - Name: WEBSITE_S3_PREFIX | |
| Value: !If | |
| - CreateWebSiteS3Bucket | |
| - !Join | |
| - '' | |
| - - https://s3.amazonaws.com/ | |
| - !Ref 'WebsiteS3Bucket' | |
| - NoVal | |
| - Name: WEBSITE_S3_BUCKET | |
| Value: !If | |
| - CreateWebSiteS3Bucket | |
| - !Ref 'WebsiteS3Bucket' | |
| - NoVal | |
| - Name: PROJECT_ID | |
| Value: !Ref 'ProjectId' | |
| - Name: ACCOUNT_ID | |
| Value: !Ref 'AWS::AccountId' | |
| - Name: PARTITION | |
| Value: !Ref 'AWS::Partition' | |
| Image: aws/codebuild/eb-java-8-amazonlinux-64:2.4.3 | |
| Type: LINUX_CONTAINER | |
| Name: !Ref 'ProjectId' | |
| ServiceRole: !Ref 'ToolChainRole' | |
| Source: | |
| Type: codepipeline | |
| Type: AWS::CodeBuild::Project | |
| CodeCommitRepo: | |
| Description: Creating AWS CodeCommit repository for application source code | |
| Properties: | |
| RepositoryDescription: !Join | |
| - '' | |
| - - !Ref 'ProjectId' | |
| - ' project repository' | |
| RepositoryName: !Ref 'RepositoryName' | |
| Type: AWS::CodeCommit::Repository | |
| CodeDeployTrustRole: | |
| Description: The service role to be created in IAM for AWS CodeDeploy | |
| Properties: | |
| AssumeRolePolicyDocument: | |
| Statement: | |
| - Action: sts:AssumeRole | |
| Effect: Allow | |
| Principal: | |
| Service: | |
| - codedeploy.amazonaws.com | |
| ManagedPolicyArns: | |
| - !Sub 'arn:${AWS::Partition}:iam::aws:policy/service-role/AWSCodeDeployRoleForLambda' | |
| Path: / | |
| RoleName: !Sub 'CodeStarWorker-${ProjectId}-CodeDeploy' | |
| Type: AWS::IAM::Role | |
| PermissionsBoundaryPolicy: | |
| Description: Creating an IAM managed policy for defining the permissions boundary for an AWS CodeStar project | |
| Properties: | |
| Description: IAM policy to define the permissions boundary for IAM entities created in an AWS CodeStar project | |
| ManagedPolicyName: !Sub 'CodeStar_${ProjectId}_PermissionsBoundary' | |
| PolicyDocument: | |
| Statement: | |
| - Action: | |
| - '*' | |
| Effect: Allow | |
| Resource: | |
| - !Sub 'arn:${AWS::Partition}:cloudformation:${AWS::Region}:${AWS::AccountId}:stack/awscodestar-${ProjectId}-lambda/*' | |
| - !Sub 'arn:${AWS::Partition}:codebuild:${AWS::Region}:${AWS::AccountId}:project/${ProjectId}' | |
| - !Sub 'arn:${AWS::Partition}:codecommit:${AWS::Region}:${AWS::AccountId}:${RepositoryName}' | |
| - !Sub 'arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:${ProjectId}-Pipeline' | |
| - !Sub 'arn:${AWS::Partition}:s3:::${S3Bucket}' | |
| - !Sub 'arn:${AWS::Partition}:s3:::${S3Bucket}/*' | |
| - !If | |
| - CreateWebSiteS3Bucket | |
| - !Sub 'arn:${AWS::Partition}:s3:::${WebsiteS3Bucket}' | |
| - !Ref 'AWS::NoValue' | |
| - !If | |
| - CreateWebSiteS3Bucket | |
| - !Sub 'arn:${AWS::Partition}:s3:::${WebsiteS3Bucket}/*' | |
| - !Ref 'AWS::NoValue' | |
| Sid: 1 | |
| - Action: | |
| - kms:Encrypt | |
| - kms:Decrypt | |
| - kms:GenerateDataKey | |
| Effect: Allow | |
| Resource: | |
| - !Sub 'arn:${AWS::Partition}:kms:${AWS::Region}:${AWS::AccountId}:alias/aws/s3' | |
| Sid: 2 | |
| - Action: | |
| - iam:PassRole | |
| Effect: Allow | |
| Resource: | |
| - !GetAtt 'CloudFormationTrustRole.Arn' | |
| Sid: 3 | |
| - Action: | |
| - cloudtrail:CreateTrail | |
| - cloudtrail:StartLogging | |
| - logs:CreateLogGroup | |
| - logs:CreateLogStream | |
| - logs:DescribeLogGroups | |
| - logs:PutLogEvents | |
| - sns:Get* | |
| - sns:List* | |
| - sns:Publish | |
| - sns:Subscribe | |
| - xray:Put* | |
| Effect: Allow | |
| Resource: '*' | |
| Sid: 4 | |
| Version: 2012-10-17 | |
| Type: AWS::IAM::ManagedPolicy | |
| ProjectPipeline: | |
| DependsOn: | |
| - ToolChainRole | |
| - S3Bucket | |
| - CodeBuildProject | |
| - CloudFormationTrustRole | |
| Description: Creating a deployment pipeline for your project in AWS CodePipeline | |
| Properties: | |
| ArtifactStore: | |
| Location: !Ref 'S3Bucket' | |
| Type: S3 | |
| Name: !Sub '${ProjectId}-Pipeline' | |
| RoleArn: !GetAtt | |
| - ToolChainRole | |
| - Arn | |
| Stages: | |
| - Actions: | |
| - ActionTypeId: | |
| Category: Source | |
| Owner: AWS | |
| Provider: CodeCommit | |
| Version: 1 | |
| Configuration: | |
| BranchName: master | |
| PollForSourceChanges: false | |
| RepositoryName: !Ref 'RepositoryName' | |
| InputArtifacts: [ | |
| ] | |
| Name: ApplicationSource | |
| OutputArtifacts: | |
| - Name: !Sub '${ProjectId}-SourceArtifact' | |
| RunOrder: 1 | |
| Name: Source | |
| - Actions: | |
| - ActionTypeId: | |
| Category: Build | |
| Owner: AWS | |
| Provider: CodeBuild | |
| Version: 1 | |
| Configuration: | |
| ProjectName: !Ref 'ProjectId' | |
| InputArtifacts: | |
| - Name: !Sub '${ProjectId}-SourceArtifact' | |
| Name: PackageExport | |
| OutputArtifacts: | |
| - Name: !Sub '${ProjectId}-BuildArtifact' | |
| RunOrder: 1 | |
| Name: Build | |
| - Actions: | |
| - ActionTypeId: | |
| Category: Deploy | |
| Owner: AWS | |
| Provider: CloudFormation | |
| Version: 1 | |
| Configuration: | |
| ActionMode: CHANGE_SET_REPLACE | |
| Capabilities: CAPABILITY_NAMED_IAM | |
| ChangeSetName: pipeline-changeset | |
| ParameterOverrides: !Sub '{"ProjectId":"${ProjectId}", "CodeDeployRole":"${CodeDeployTrustRole.Arn}"}' | |
| RoleArn: !GetAtt | |
| - CloudFormationTrustRole | |
| - Arn | |
| StackName: !Sub 'awscodestar-${ProjectId}-lambda' | |
| TemplateConfiguration: !Sub '${ProjectId}-BuildArtifact::template-configuration.json' | |
| TemplatePath: !Sub '${ProjectId}-BuildArtifact::template-export.yml' | |
| InputArtifacts: | |
| - Name: !Sub '${ProjectId}-BuildArtifact' | |
| Name: GenerateChangeSet | |
| OutputArtifacts: [ | |
| ] | |
| RunOrder: 1 | |
| - ActionTypeId: | |
| Category: Deploy | |
| Owner: AWS | |
| Provider: CloudFormation | |
| Version: 1 | |
| Configuration: | |
| ActionMode: CHANGE_SET_EXECUTE | |
| ChangeSetName: pipeline-changeset | |
| StackName: !Sub 'awscodestar-${ProjectId}-lambda' | |
| InputArtifacts: [ | |
| ] | |
| Name: ExecuteChangeSet | |
| OutputArtifacts: [ | |
| ] | |
| RunOrder: 2 | |
| Name: Deploy | |
| Type: AWS::CodePipeline::Pipeline | |
| S3ArtifactBucketPolicy: | |
| Description: Setting Amazon S3 bucket policy for AWS CodePipeline access | |
| Properties: | |
| Bucket: !Ref 'S3Bucket' | |
| PolicyDocument: | |
| Id: SSEAndSSLPolicy | |
| Statement: | |
| - Action: | |
| - s3:GetObject | |
| - s3:GetObjectVersion | |
| - s3:GetBucketVersioning | |
| Condition: | |
| Bool: | |
| aws:SecureTransport: false | |
| Effect: Allow | |
| Principal: | |
| AWS: | |
| - !GetAtt | |
| - ToolChainRole | |
| - Arn | |
| - !GetAtt | |
| - CloudFormationTrustRole | |
| - Arn | |
| Resource: | |
| - !Sub 'arn:${AWS::Partition}:s3:::${S3Bucket}' | |
| - !Sub 'arn:${AWS::Partition}:s3:::${S3Bucket}/*' | |
| Sid: WhitelistedGet | |
| - Action: | |
| - s3:PutObject | |
| Effect: Allow | |
| Principal: | |
| AWS: | |
| - !GetAtt | |
| - ToolChainRole | |
| - Arn | |
| Resource: | |
| - !Sub 'arn:${AWS::Partition}:s3:::${S3Bucket}' | |
| - !Sub 'arn:${AWS::Partition}:s3:::${S3Bucket}/*' | |
| Sid: WhitelistedPut | |
| Version: 2012-10-17 | |
| Type: AWS::S3::BucketPolicy | |
| S3Bucket: | |
| DeletionPolicy: Retain | |
| Description: Creating Amazon S3 bucket for AWS CodePipeline artifacts | |
| Properties: | |
| BucketName: !Join | |
| - '-' | |
| - - aws | |
| - codestar | |
| - !Ref 'AWS::Region' | |
| - !Ref 'AWS::AccountId' | |
| - !Ref 'ProjectId' | |
| - pipe | |
| Tags: | |
| - Key: Name | |
| Value: !Join | |
| - '-' | |
| - - !Ref 'ProjectId' | |
| - S3Bucket | |
| VersioningConfiguration: | |
| Status: Enabled | |
| Type: AWS::S3::Bucket | |
| SourceEvent: | |
| Properties: | |
| Description: Rule for Amazon CloudWatch Events to detect changes to the source repository and trigger pipeline execution | |
| EventPattern: | |
| detail: | |
| event: | |
| - referenceCreated | |
| - referenceUpdated | |
| referenceName: | |
| - master | |
| referenceType: | |
| - branch | |
| detail-type: | |
| - CodeCommit Repository State Change | |
| resources: | |
| - !GetAtt 'CodeCommitRepo.Arn' | |
| source: | |
| - aws.codecommit | |
| Name: !Join | |
| - '-' | |
| - - awscodestar | |
| - !Ref 'ProjectId' | |
| - SourceEvent | |
| State: ENABLED | |
| Targets: | |
| - Arn: !Sub 'arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:${ProjectId}-Pipeline' | |
| Id: ProjectPipelineTarget | |
| RoleArn: !GetAtt 'ToolChainRole.Arn' | |
| Type: AWS::Events::Rule | |
| ToolChainRole: | |
| Description: Creating toolchain role in IAM for Amazon EC2 instances | |
| Properties: | |
| AssumeRolePolicyDocument: | |
| Statement: | |
| - Action: sts:AssumeRole | |
| Effect: Allow | |
| Principal: | |
| Service: | |
| - codebuild.amazonaws.com | |
| - codedeploy.amazonaws.com | |
| - codepipeline.amazonaws.com | |
| - codestar.amazonaws.com | |
| - elasticbeanstalk.amazonaws.com | |
| - events.amazonaws.com | |
| - lambda.amazonaws.com | |
| ManagedPolicyArns: | |
| - !Sub 'arn:${AWS::Partition}:iam::aws:policy/AWSCodeCommitFullAccess' | |
| - !Sub 'arn:${AWS::Partition}:iam::aws:policy/AWSCodeBuildAdminAccess' | |
| - !Sub 'arn:${AWS::Partition}:iam::aws:policy/AWSCodeDeployFullAccess' | |
| - !Sub 'arn:${AWS::Partition}:iam::aws:policy/AWSCodePipelineFullAccess' | |
| - !Sub 'arn:${AWS::Partition}:iam::aws:policy/AWSElasticBeanstalkFullAccess' | |
| - !Sub 'arn:${AWS::Partition}:iam::aws:policy/AWSLambdaFullAccess' | |
| - !Sub 'arn:${AWS::Partition}:iam::aws:policy/AWSCodeStarFullAccess' | |
| - !Sub 'arn:${AWS::Partition}:iam::aws:policy/CloudWatchEventsFullAccess' | |
| Path: / | |
| PermissionsBoundary: !Ref 'PermissionsBoundaryPolicy' | |
| Policies: | |
| - PolicyDocument: | |
| Statement: | |
| - Action: | |
| - kms:GenerateDataKey* | |
| - kms:Encrypt | |
| - kms:Decrypt | |
| Effect: Allow | |
| Resource: '*' | |
| PolicyName: ToolChainWorkerPolicy | |
| RoleName: !Sub 'CodeStarWorker-${ProjectId}-ToolChain' | |
| Type: AWS::IAM::Role | |
| WebsiteS3Bucket: | |
| Condition: CreateWebSiteS3Bucket | |
| DeletionPolicy: Retain | |
| Description: Creating Amazon S3 bucket for Website static artifacts | |
| Properties: | |
| BucketName: !Sub 'aws-codestar-${AWS::Region}-${AWS::AccountId}-${ProjectId}-app' | |
| Tags: | |
| - Key: Name | |
| Value: !Sub '${ProjectId}-WebsiteS3Bucket' | |
| VersioningConfiguration: | |
| Status: Enabled | |
| Type: AWS::S3::Bucket |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment