@GusAntoniassi
Created May 25, 2020 13:50
AWS CloudFormation Nested Stack bucket policy

This S3 bucket policy allows CloudFormation to read your Nested Stack template without making it public for everyone.

Policy JSON:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowCloudformationAccessBucket",
            "Effect": "Allow",
            "Principal": {
                "Service": "cloudformation.amazonaws.com"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::my-bucket-name/*"
        }
    ]
}

Usage in CloudFormation yaml:

Resources:
  FooStack:
    Type: AWS::CloudFormation::Stack
    Properties: 
      Parameters: 
        Foo: Foo
        Bar: Bar
      TemplateURL: https://s3.amazonaws.com/my-bucket-name/stack-template.yml
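
A check for the bucket policy above, added here as an example (not part of the original gist): it reports any Allow statement that is broader than the gist's grant of `s3:GetObject` to `cloudformation.amazonaws.com` on the bucket's objects. The function name `audit_template_bucket_policy` and the `PUBLIC_POLICY` sample are constructed for illustration.

```python
import json

# The gist's bucket policy, embedded so the example runs offline.
GIST_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [{
  "Sid": "AllowCloudformationAccessBucket", "Effect": "Allow",
  "Principal": {"Service": "cloudformation.amazonaws.com"},
  "Action": "s3:GetObject",
  "Resource": "arn:aws:s3:::my-bucket-name/*"}]}
""")

# Constructed counter-example: the "public for everyone" policy the gist avoids.
PUBLIC_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
    "Action": ["s3:GetObject", "s3:ListBucket"],
    "Resource": "arn:aws:s3:::my-bucket-name/*"}]}

CFN = "cloudformation.amazonaws.com"

def as_list(value):
    """IAM policy fields may be a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def audit_template_bucket_policy(policy, bucket):
    """Return findings for Allow statements broader than the gist's grant.

    Conservative: Condition blocks are ignored, so a conditioned "*"
    principal is still reported as public.
    """
    findings = []
    object_prefix = f"arn:aws:s3:::{bucket}/"
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        principal = stmt.get("Principal")
        if principal == "*" or (isinstance(principal, dict)
                                and "*" in as_list(principal.get("AWS", []))):
            findings.append(f"{sid}: public principal")
        elif not (isinstance(principal, dict) and set(principal) == {"Service"}
                  and as_list(principal["Service"]) == [CFN]):
            findings.append(f"{sid}: principal is not only {CFN}")
        for action in as_list(stmt.get("Action", [])):
            if action != "s3:GetObject":
                findings.append(f"{sid}: action {action} exceeds s3:GetObject")
        for resource in as_list(stmt.get("Resource", [])):
            if not resource.startswith(object_prefix):
                findings.append(f"{sid}: resource {resource} outside bucket objects")
    return findings
```

An empty list means the policy grants nothing beyond what the gist's policy grants; run it over the output of `aws s3api get-bucket-policy` before pointing `TemplateURL` at the bucket.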