diff --git a/blog-rekahsoft.yaml b/blog-rekahsoft.yaml
deleted file mode 100644
index ab91b09..0000000
--- a/blog-rekahsoft.yaml
+++ /dev/null
@@ -1,175 +0,0 @@
-AWSTemplateFormatVersion: '2010-09-09'
-Description: RekahSoft blog stack
-
-#
-# Parameters
-#
-
-Parameters:
- AlternateURLs:
- Type: CommaDelimitedList
- Default: ''
- Description: A list of URLs that act as aliases for accessing the cloudfront site
- PriceClass:
- Type: String
- AllowedValues: [PriceClass_100, PriceClass_200, PriceClass_All]
- Default: PriceClass_100
- Description: The cloud front price class to use with the web distribution
-
-
-#
-# Conditions
-#
-
-Conditions:
- NoAlternateURLs: !Equals [!Join [',', !Ref AlternateURLs], '' ]
-
-
-#
-# Resources
-#
-
-Resources:
- User:
- Type: AWS::IAM::User
- AccessKeyUser:
- Type: AWS::IAM::AccessKey
- Properties:
- UserName: !Ref User
-
- S3Bucket:
- Type: AWS::S3::Bucket
- Properties:
- WebsiteConfiguration:
- IndexDocument: index.html
- ErrorDocument: error.html
- S3BucketPolicy:
- Type: AWS::S3::BucketPolicy
- Properties:
- PolicyDocument:
- Id: S3BucketPolicy
- Version: '2012-10-17'
- Statement:
- - Sid: ListAccess
- Action:
- - s3:ListBucket
- Effect: Allow
- Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket]]
- Principal:
- AWS: !GetAtt User.Arn
- - Sid: ReadWriteAccess
- Action:
- - s3:GetObject
- - s3:PutObject
- - s3:DeleteObject
- Effect: Allow
- Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket, '/*']]
- Principal:
- AWS: !GetAtt User.Arn
- - Sid: PublicReadAccess
- Action:
- - s3:GetObject
- Effect: Allow
- Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket, '/*']]
- Principal: '*'
- Bucket: !Ref S3Bucket
-
- LogsBucketPolicy:
- Type: AWS::S3::BucketPolicy
- Properties:
- PolicyDocument:
- Id: LogsBucketPolicy
- Version: '2012-10-17'
- Statement:
- - Sid: ReadWriteAccess
- Action:
- - s3:GetObject
- - s3:PutObject
- - s3:DeleteObject
- Effect: Allow
- Resource: !Join ['', ['arn:aws:s3:::', !Ref LogsBucket, '/*']]
- Principal:
- AWS: !GetAtt User.Arn
- Bucket: !Ref LogsBucket
- LogsBucket:
- Type: AWS::S3::Bucket
-
- CloudfrontDistribution:
- Type: AWS::CloudFront::Distribution
- DependsOn:
- - S3Bucket
- - LogsBucket
- Properties:
- DistributionConfig:
- Origins:
- - DomainName: !GetAtt S3Bucket.DomainName # mybucket.s3.amazonaws.com
- Id: S3Origin
- S3OriginConfig:
- OriginAccessIdentity: ''# origin-access-identity/cloudfront/S3Origin
- Enabled: true
- HttpVersion: http2
- Comment: Some comment
- DefaultRootObject: index.html
- Logging:
- IncludeCookies: false
- Bucket: !GetAtt LogsBucket.DomainName # mylogs.s3.amazonaws.com
- Prefix: myprefix
- Aliases: !If [NoAlternateURLs, !Ref 'AWS::NoValue', !Ref AlternateURLs ]
- CacheBehaviors:
- - AllowedMethods:
- - GET
- - HEAD
- - OPTIONS
- TargetOriginId: S3Origin
- MaxTTL: 0
- MinTTL: 0
- DefaultTTL: 0
- PathPattern: index.html
- ForwardedValues:
- QueryString: 'false'
- Cookies:
- Forward: none
- # TrustedSigners:
- # - 1234567890EX
- # - 1234567891EX
- ViewerProtocolPolicy: allow-all
- DefaultCacheBehavior:
- AllowedMethods:
- - GET
- - HEAD
- - OPTIONS
- TargetOriginId: S3Origin
- ForwardedValues:
- QueryString: 'false'
- Cookies:
- Forward: none
- # TrustedSigners:
- # - 1234567890EX
- # - 1234567891EX
- ViewerProtocolPolicy: allow-all
- PriceClass: !Ref PriceClass
- Restrictions:
- GeoRestriction:
- RestrictionType: whitelist
- Locations:
- - CA
- ViewerCertificate:
- CloudFrontDefaultCertificate: 'true'
-
-#
-# Outputs
-#
-
-Outputs:
- WebAddress:
- Value: !GetAtt CloudfrontDistribution.DomainName
-
- S3Bucket:
- Value: !Ref S3Bucket
- LogsBucket:
- Value: !Ref LogsBucket
-
- UserAccessKey:
- Value: !Ref AccessKeyUser
- UserSecretKey:
- Value: !GetAtt AccessKeyUser.SecretAccessKey
diff --git a/init-env.sh b/init-env.sh
deleted file mode 100755
index 9766f76..0000000
--- a/init-env.sh
+++ /dev/null
@@ -1,60 +0,0 @@ -#!/bin/bash - -TEMPLATE="blog-rekahsoft.yaml" - -display_help() { - cat < - init_env.sh init - init_env.sh info - init_env.sh [help|--help|-h] -EOF -} - -display_info() { - # Get parameters needed for gitlab-ci.yaml - S3_BUCKET=$(aws cloudformation describe-stacks --stack-name "$STACK_NAME" --query "Stacks[*].Outputs[?OutputKey=='S3Bucket'].OutputValue" --output text) - USER_ACCESS_KEY=$(aws cloudformation describe-stacks --stack-name "$STACK_NAME" --query "Stacks[*].Outputs[?OutputKey=='UserAccessKey'].OutputValue" --output text) - USER_SECRET_KEY=$(aws cloudformation describe-stacks --stack-name "$STACK_NAME" --query "Stacks[*].Outputs[?OutputKey=='UserSecretKey'].OutputValue" --output text) - - echo "S3 Bucket: ${S3_BUCKET}" - echo "Access Key: ${USER_ACCESS_KEY}" - echo "Secret Key: ${USER_SECRET_KEY}" -} - -# Variables set by the user using cli arguments -OP="$1" -STACK_NAME="$2" -BUCKET="$3" -CNAMES="$4" - -case "$OP" in - init) - BUCKET="$2" - aws s3 mb "s3://${BUCKET}" - ;; - update|create) - # Push cloudformation template to provided bucket - aws s3 cp "$TEMPLATE" "s3://${BUCKET}" - - # Create cloudformation stack - aws cloudformation "${OP}-stack" --stack-name "$STACK_NAME" --template-url "https://${BUCKET}.s3.amazonaws.com/${TEMPLATE}" --parameters ParameterKey=AlternateURLs,ParameterValue=\"${CNAMES}\" --capabilities CAPABILITY_IAM - - aws cloudformation wait stack-update-complete --stack-name "$STACK_NAME" - - display_info - ;; - info) - display_info - ;; - help|--help|-h) - display_help - ;; - *) - echo "Invalid operation! See $0 --help" - exit 1 - ;; -esac - -# Exit gracefully -exit 0