rekahsoft
/
blog-rekahsoft-ca
1
1
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity

Remove cloudformation deployment 

Signed-off-by: Collin J. Doering <collin.doering@rekahsoft.ca>
This commit is contained in:
Collin J. Doering 2018-07-13 17:17:06 -04:00
parent 364762e223
commit a35aa7743b
Signed by: rekahsoft
GPG Key ID: 7B4DEB93212B3022
2 changed files with 0 additions and 235 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

175
blog-rekahsoft.yaml
View File

@ -1,175 +0,0 @@
AWSTemplateFormatVersion: '2010-09-09'
Description: RekahSoft blog stack
#
# Parameters
#
Parameters:
AlternateURLs:
Type: CommaDelimitedList
Default: ''
Description: A list of URLs that act as aliases for accessing the cloudfront site
PriceClass:
Type: String
AllowedValues: [PriceClass_100, PriceClass_200, PriceClass_All]
Default: PriceClass_100
Description: The cloud front price class to use with the web distribution
#
# Conditions
#
Conditions:
NoAlternateURLs: !Equals [!Join [',', !Ref AlternateURLs], '' ]
#
# Resources
#
Resources:
User:
Type: AWS::IAM::User
AccessKeyUser:
Type: AWS::IAM::AccessKey
Properties:
UserName: !Ref User
S3Bucket:
Type: AWS::S3::Bucket
Properties:
WebsiteConfiguration:
IndexDocument: index.html
ErrorDocument: error.html
S3BucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
PolicyDocument:
Id: S3BucketPolicy
Version: '2012-10-17'
Statement:
- Sid: ListAccess
Action:
- s3:ListBucket
Effect: Allow
Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket]]
Principal:
AWS: !GetAtt User.Arn
- Sid: ReadWriteAccess
Action:
- s3:GetObject
- s3:PutObject
- s3:DeleteObject
Effect: Allow
Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket, '/*']]
Principal:
AWS: !GetAtt User.Arn
- Sid: PublicReadAccess
Action:
- s3:GetObject
Effect: Allow
Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket, '/*']]
Principal: '*'
Bucket: !Ref S3Bucket
LogsBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
PolicyDocument:
Id: LogsBucketPolicy
Version: '2012-10-17'
Statement:
- Sid: ReadWriteAccess
Action:
- s3:GetObject
- s3:PutObject
- s3:DeleteObject
Effect: Allow
Resource: !Join ['', ['arn:aws:s3:::', !Ref LogsBucket, '/*']]
Principal:
AWS: !GetAtt User.Arn
Bucket: !Ref LogsBucket
LogsBucket:
Type: AWS::S3::Bucket
CloudfrontDistribution:
Type: AWS::CloudFront::Distribution
DependsOn:
- S3Bucket
- LogsBucket
Properties:
DistributionConfig:
Origins:
- DomainName: !GetAtt S3Bucket.DomainName # mybucket.s3.amazonaws.com
Id: S3Origin
S3OriginConfig:
OriginAccessIdentity: ''# origin-access-identity/cloudfront/S3Origin
Enabled: true
HttpVersion: http2
Comment: Some comment
DefaultRootObject: index.html
Logging:
IncludeCookies: false
Bucket: !GetAtt LogsBucket.DomainName # mylogs.s3.amazonaws.com
Prefix: myprefix
Aliases: !If [NoAlternateURLs, !Ref 'AWS::NoValue', !Ref AlternateURLs ]
CacheBehaviors:
- AllowedMethods:
- GET
- HEAD
- OPTIONS
TargetOriginId: S3Origin
MaxTTL: 0
MinTTL: 0
DefaultTTL: 0
PathPattern: index.html
ForwardedValues:
QueryString: 'false'
Cookies:
Forward: none
# TrustedSigners:
# - 1234567890EX
# - 1234567891EX
ViewerProtocolPolicy: allow-all
DefaultCacheBehavior:
AllowedMethods:
- GET
- HEAD
- OPTIONS
TargetOriginId: S3Origin
ForwardedValues:
QueryString: 'false'
Cookies:
Forward: none
# TrustedSigners:
# - 1234567890EX
# - 1234567891EX
ViewerProtocolPolicy: allow-all
PriceClass: !Ref PriceClass
Restrictions:
GeoRestriction:
RestrictionType: whitelist
Locations:
- CA
ViewerCertificate:
CloudFrontDefaultCertificate: 'true'
#
# Outputs
#
Outputs:
WebAddress:
Value: !GetAtt CloudfrontDistribution.DomainName
S3Bucket:
Value: !Ref S3Bucket
LogsBucket:
Value: !Ref LogsBucket
UserAccessKey:
Value: !Ref AccessKeyUser
UserSecretKey:
Value: !GetAtt AccessKeyUser.SecretAccessKey

60
init-env.sh
View File

@ -1,60 +0,0 @@
#!/bin/bash
TEMPLATE="blog-rekahsoft.yaml"
display_help() {
cat <<EOF
Usage: init_env.sh [create|update] <stack-name> <cf-bucket> <cnames>
init_env.sh init <cf-bucket>
init_env.sh info <stack-name>
init_env.sh [help|--help|-h]
EOF
}
display_info() {
# Get parameters needed for gitlab-ci.yaml
S3_BUCKET=$(aws cloudformation describe-stacks --stack-name "$STACK_NAME" --query "Stacks[*].Outputs[?OutputKey=='S3Bucket'].OutputValue" --output text)
USER_ACCESS_KEY=$(aws cloudformation describe-stacks --stack-name "$STACK_NAME" --query "Stacks[*].Outputs[?OutputKey=='UserAccessKey'].OutputValue" --output text)
USER_SECRET_KEY=$(aws cloudformation describe-stacks --stack-name "$STACK_NAME" --query "Stacks[*].Outputs[?OutputKey=='UserSecretKey'].OutputValue" --output text)
echo "S3 Bucket: ${S3_BUCKET}"
echo "Access Key: ${USER_ACCESS_KEY}"
echo "Secret Key: ${USER_SECRET_KEY}"
}
# Variables set by the user using cli arguments
OP="$1"
STACK_NAME="$2"
BUCKET="$3"
CNAMES="$4"
case "$OP" in
init)
BUCKET="$2"
aws s3 mb "s3://${BUCKET}"
;;
update|create)
# Push cloudformation template to provided bucket
aws s3 cp "$TEMPLATE" "s3://${BUCKET}"
# Create cloudformation stack
aws cloudformation "${OP}-stack" --stack-name "$STACK_NAME" --template-url "https://${BUCKET}.s3.amazonaws.com/${TEMPLATE}" --parameters ParameterKey=AlternateURLs,ParameterValue=\"${CNAMES}\" --capabilities CAPABILITY_IAM
aws cloudformation wait stack-update-complete --stack-name "$STACK_NAME"
display_info
;;
info)
display_info
;;
help|--help|-h)
display_help
;;
*)
echo "Invalid operation! See $0 --help"
exit 1
;;
esac
# Exit gracefully
exit 0