AWS CloudFormation Resource Types: Difference between revisions
| Line 83: | Line 83: | ||
=AWS::ElasticLoadBalancingV2= | =AWS::ElasticLoadBalancingV2= | ||
{{External|[https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-reference-elasticloadbalancingv2.html Elastic Load Balancing V2 Resource Types Reference] | {{External|[https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-reference-elasticloadbalancingv2.html Elastic Load Balancing V2 Resource Types Reference]}} | ||
{{Internal|AWS Elastic Load Balancing Deployment with CloudFormation|AWS Elastic Load Balancing Deployment with CloudFormation}} | |||
=AWS::IAM= | =AWS::IAM= | ||
Revision as of 18:24, 2 April 2019
External
Internal
AWS::ApiGateway
AWS::CloudFormation
AWS::CloudFormation::Stack
AWS::CloudFormation::Stack enables nesting another stack as a resource within a template.
AWS::CodeBuild
AWS::CodeBuild::Project
Note that if the "Name" property is used, the physical ID of the created CodeBuild project will use that value, otherwise the name will be generated with the pattern CodeBuildProjectLogicalID-apCFy5I1KyH8. Recommended name:
Resources:
CodeBuildProject:
Type: AWS::CodeBuild::Project
Properties:
Name: !Ref AWS::StackName
For an example of a CodeBuild build project that integrates with a CodePipeline see:
AWS::CodePipeline
AWS::CodePipeline::Pipeline
Creates a CodePipeline pipeline. Other pipeline examples:
Note that if the "Name" property is used, the physical ID of the created pipeline will use that value, otherwise the name will be generated with the pattern stack-name-Pipeline-24RCYXM52UE6A. Recommended name:
Resources:
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
Name: !Ref AWS::StackName
AWS::EC2
AWS::EC2::SecurityGroup
Resources:
ServiceSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: '...'
VpcId:
Fn::ImportValue: !Join [':', [!Ref 'DeploymentStackName', 'VPCId']]
GroupName: !Sub ${ECRRepository}-sg
SecurityGroupIngress:
- IpProtocol: -1
CidrIp: 10.0.0.0/8
AWS::ECR
AWS::ECR::Repository
Resources:
Repository:
Type: AWS::ECR::Repository
Properties:
RepositoryName: some-docker-repository-name
AWS::ECS
AWS::ElasticLoadBalancingV2
AWS::IAM
AWS::IAM::Role
The following sequence creates an IAM Role:
Resources:
CodeBuildServiceRole:
Type: AWS::IAM::Role
Properties:
RoleName: !Sub '${AWS::StackName}-codebuild-service-role'
Path: '/service-role/'
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Principal:
Service:
- "codebuild.amazonaws.com"
Action:
- "sts:AssumeRole"
Policies:
- PolicyName: 'aggregated-inline-policy'
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Action:
- 's3:ListBucket'
Resource:
- '*'
Naming. If this role is declared by a "thalarion" stack, then, after successful creation, the role's physical ID will be "thalarion-CodeBuildServiceRole-A479B6WNRHSSG". A custom name can be forced with the "RoleName", as shown above.
AWS::Lambda
AWS::Lambda::Function
AWS::Logs
AWS::Logs::LogGroup
AWS::S3
AWS::S3::Bucket
Resources:
TestBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub '${AWS::StackName}-test-bucket'
AccessControl: BucketOwnerFullControl
Naming If no "BucketName" property is specified, the bucket will be named based on the pattern <stack-name>-<resource-name-all-lowercases>-2a3et4c9f3bas. A custom name can be set with "BucketName".