Remove cloudformation deployment
Signed-off-by: Collin J. Doering <collin.doering@rekahsoft.ca>
parent
364762e223
commit
a35aa7743b
|
@ -1,175 +0,0 @@
|
||||||
AWSTemplateFormatVersion: '2010-09-09'
|
|
||||||
Description: RekahSoft blog stack
|
|
||||||
|
|
||||||
#
|
|
||||||
# Parameters
|
|
||||||
#
|
|
||||||
|
|
||||||
Parameters:
|
|
||||||
AlternateURLs:
|
|
||||||
Type: CommaDelimitedList
|
|
||||||
Default: ''
|
|
||||||
Description: A list of URLs that act as aliases for accessing the cloudfront site
|
|
||||||
PriceClass:
|
|
||||||
Type: String
|
|
||||||
AllowedValues: [PriceClass_100, PriceClass_200, PriceClass_All]
|
|
||||||
Default: PriceClass_100
|
|
||||||
Description: The cloud front price class to use with the web distribution
|
|
||||||
|
|
||||||
|
|
||||||
#
|
|
||||||
# Conditions
|
|
||||||
#
|
|
||||||
|
|
||||||
Conditions:
|
|
||||||
NoAlternateURLs: !Equals [!Join [',', !Ref AlternateURLs], '' ]
|
|
||||||
|
|
||||||
|
|
||||||
#
|
|
||||||
# Resources
|
|
||||||
#
|
|
||||||
|
|
||||||
Resources:
|
|
||||||
User:
|
|
||||||
Type: AWS::IAM::User
|
|
||||||
AccessKeyUser:
|
|
||||||
Type: AWS::IAM::AccessKey
|
|
||||||
Properties:
|
|
||||||
UserName: !Ref User
|
|
||||||
|
|
||||||
S3Bucket:
|
|
||||||
Type: AWS::S3::Bucket
|
|
||||||
Properties:
|
|
||||||
WebsiteConfiguration:
|
|
||||||
IndexDocument: index.html
|
|
||||||
ErrorDocument: error.html
|
|
||||||
S3BucketPolicy:
|
|
||||||
Type: AWS::S3::BucketPolicy
|
|
||||||
Properties:
|
|
||||||
PolicyDocument:
|
|
||||||
Id: S3BucketPolicy
|
|
||||||
Version: '2012-10-17'
|
|
||||||
Statement:
|
|
||||||
- Sid: ListAccess
|
|
||||||
Action:
|
|
||||||
- s3:ListBucket
|
|
||||||
Effect: Allow
|
|
||||||
Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket]]
|
|
||||||
Principal:
|
|
||||||
AWS: !GetAtt User.Arn
|
|
||||||
- Sid: ReadWriteAccess
|
|
||||||
Action:
|
|
||||||
- s3:GetObject
|
|
||||||
- s3:PutObject
|
|
||||||
- s3:DeleteObject
|
|
||||||
Effect: Allow
|
|
||||||
Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket, '/*']]
|
|
||||||
Principal:
|
|
||||||
AWS: !GetAtt User.Arn
|
|
||||||
- Sid: PublicReadAccess
|
|
||||||
Action:
|
|
||||||
- s3:GetObject
|
|
||||||
Effect: Allow
|
|
||||||
Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket, '/*']]
|
|
||||||
Principal: '*'
|
|
||||||
Bucket: !Ref S3Bucket
|
|
||||||
|
|
||||||
LogsBucketPolicy:
|
|
||||||
Type: AWS::S3::BucketPolicy
|
|
||||||
Properties:
|
|
||||||
PolicyDocument:
|
|
||||||
Id: LogsBucketPolicy
|
|
||||||
Version: '2012-10-17'
|
|
||||||
Statement:
|
|
||||||
- Sid: ReadWriteAccess
|
|
||||||
Action:
|
|
||||||
- s3:GetObject
|
|
||||||
- s3:PutObject
|
|
||||||
- s3:DeleteObject
|
|
||||||
Effect: Allow
|
|
||||||
Resource: !Join ['', ['arn:aws:s3:::', !Ref LogsBucket, '/*']]
|
|
||||||
Principal:
|
|
||||||
AWS: !GetAtt User.Arn
|
|
||||||
Bucket: !Ref LogsBucket
|
|
||||||
LogsBucket:
|
|
||||||
Type: AWS::S3::Bucket
|
|
||||||
|
|
||||||
CloudfrontDistribution:
|
|
||||||
Type: AWS::CloudFront::Distribution
|
|
||||||
DependsOn:
|
|
||||||
- S3Bucket
|
|
||||||
- LogsBucket
|
|
||||||
Properties:
|
|
||||||
DistributionConfig:
|
|
||||||
Origins:
|
|
||||||
- DomainName: !GetAtt S3Bucket.DomainName # mybucket.s3.amazonaws.com
|
|
||||||
Id: S3Origin
|
|
||||||
S3OriginConfig:
|
|
||||||
OriginAccessIdentity: ''# origin-access-identity/cloudfront/S3Origin
|
|
||||||
Enabled: true
|
|
||||||
HttpVersion: http2
|
|
||||||
Comment: Some comment
|
|
||||||
DefaultRootObject: index.html
|
|
||||||
Logging:
|
|
||||||
IncludeCookies: false
|
|
||||||
Bucket: !GetAtt LogsBucket.DomainName # mylogs.s3.amazonaws.com
|
|
||||||
Prefix: myprefix
|
|
||||||
Aliases: !If [NoAlternateURLs, !Ref 'AWS::NoValue', !Ref AlternateURLs ]
|
|
||||||
CacheBehaviors:
|
|
||||||
- AllowedMethods:
|
|
||||||
- GET
|
|
||||||
- HEAD
|
|
||||||
- OPTIONS
|
|
||||||
TargetOriginId: S3Origin
|
|
||||||
MaxTTL: 0
|
|
||||||
MinTTL: 0
|
|
||||||
DefaultTTL: 0
|
|
||||||
PathPattern: index.html
|
|
||||||
ForwardedValues:
|
|
||||||
QueryString: 'false'
|
|
||||||
Cookies:
|
|
||||||
Forward: none
|
|
||||||
# TrustedSigners:
|
|
||||||
# - 1234567890EX
|
|
||||||
# - 1234567891EX
|
|
||||||
ViewerProtocolPolicy: allow-all
|
|
||||||
DefaultCacheBehavior:
|
|
||||||
AllowedMethods:
|
|
||||||
- GET
|
|
||||||
- HEAD
|
|
||||||
- OPTIONS
|
|
||||||
TargetOriginId: S3Origin
|
|
||||||
ForwardedValues:
|
|
||||||
QueryString: 'false'
|
|
||||||
Cookies:
|
|
||||||
Forward: none
|
|
||||||
# TrustedSigners:
|
|
||||||
# - 1234567890EX
|
|
||||||
# - 1234567891EX
|
|
||||||
ViewerProtocolPolicy: allow-all
|
|
||||||
PriceClass: !Ref PriceClass
|
|
||||||
Restrictions:
|
|
||||||
GeoRestriction:
|
|
||||||
RestrictionType: whitelist
|
|
||||||
Locations:
|
|
||||||
- CA
|
|
||||||
ViewerCertificate:
|
|
||||||
CloudFrontDefaultCertificate: 'true'
|
|
||||||
|
|
||||||
#
|
|
||||||
# Outputs
|
|
||||||
#
|
|
||||||
|
|
||||||
Outputs:
|
|
||||||
WebAddress:
|
|
||||||
Value: !GetAtt CloudfrontDistribution.DomainName
|
|
||||||
|
|
||||||
S3Bucket:
|
|
||||||
Value: !Ref S3Bucket
|
|
||||||
LogsBucket:
|
|
||||||
Value: !Ref LogsBucket
|
|
||||||
|
|
||||||
UserAccessKey:
|
|
||||||
Value: !Ref AccessKeyUser
|
|
||||||
UserSecretKey:
|
|
||||||
Value: !GetAtt AccessKeyUser.SecretAccessKey
|
|
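--- a/init-env.sh
+++ b/init-env.sh
@@ -1,60 +0,0 @@
-#!/bin/bash
-
-TEMPLATE="blog-rekahsoft.yaml"
-
-display_help() {
-cat <<EOF
-Usage: init_env.sh [create|update] <stack-name> <cf-bucket> <cnames>
-init_env.sh init <cf-bucket>
-init_env.sh info <stack-name>
-init_env.sh [help|--help|-h]
-EOF
-}
-
-display_info() {
-# Get parameters needed for gitlab-ci.yaml
-S3_BUCKET=$(aws cloudformation describe-stacks --stack-name "$STACK_NAME" --query "Stacks[*].Outputs[?OutputKey=='S3Bucket'].OutputValue" --output text)
-USER_ACCESS_KEY=$(aws cloudformation describe-stacks --stack-name "$STACK_NAME" --query "Stacks[*].Outputs[?OutputKey=='UserAccessKey'].OutputValue" --output text)
-USER_SECRET_KEY=$(aws cloudformation describe-stacks --stack-name "$STACK_NAME" --query "Stacks[*].Outputs[?OutputKey=='UserSecretKey'].OutputValue" --output text)
-
-echo "S3 Bucket: ${S3_BUCKET}"
-echo "Access Key: ${USER_ACCESS_KEY}"
-echo "Secret Key: ${USER_SECRET_KEY}"
-}
-
-# Variables set by the user using cli arguments
-OP="$1"
-STACK_NAME="$2"
-BUCKET="$3"
-CNAMES="$4"
-
-case "$OP" in
-init)
-BUCKET="$2"
-aws s3 mb "s3://${BUCKET}"
-;;
-update|create)
-# Push cloudformation template to provided bucket
-aws s3 cp "$TEMPLATE" "s3://${BUCKET}"
-
-# Create cloudformation stack
-aws cloudformation "${OP}-stack" --stack-name "$STACK_NAME" --template-url "https://${BUCKET}.s3.amazonaws.com/${TEMPLATE}" --parameters ParameterKey=AlternateURLs,ParameterValue=\"${CNAMES}\" --capabilities CAPABILITY_IAM
-
-aws cloudformation wait stack-update-complete --stack-name "$STACK_NAME"
-
-display_info
-;;
-info)
-display_info
-;;
-help|--help|-h)
-display_help
-;;
-*)
-echo "Invalid operation! See $0 --help"
-exit 1
-;;
-esac
-
-# Exit gracefully
-exit 0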