Skip to content

Instantly share code, notes, and snippets.

View andreidiaconu90's full-sized avatar

Andrei Diaconu andreidiaconu90

  • Romania
View GitHub Profile
@andreidiaconu90
andreidiaconu90 / MyDeployBucket.txt
Last active September 11, 2020 05:06
CodePipeline - S3 Definition
MyDeployBucket:
Type: AWS::S3::Bucket
DeletionPolicy: Delete
Properties:
AccessControl: Private
VersioningConfiguration:
Status: Suspended
@andreidiaconu90
andreidiaconu90 / codepipeline-high-level-definition.txt
Last active September 11, 2020 05:06
codepipeline-high-level-definition
MyCodePipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
ArtifactStore:
Type: S3
Location: !Ref MyDeployBucket
RoleArn: !GetAtt
- MyCodePipelineServiceRole
- Arn
Stages:
@andreidiaconu90
andreidiaconu90 / codepipeline-stages
Last active September 11, 2020 06:20
codepipeline-stages
MyCodePipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
ArtifactStore[...]
RoleArn:[...]
Stages:
- Name: Source # this is the name that will show up in the AWS console, so consider this the user-friendly name
Actions:
- Name: Get-sources # this is the name used to reference a step by. Consider this the developer-friendly name
ActionTypeId:
@andreidiaconu90
andreidiaconu90 / codepipeline-codebuild
Created September 11, 2020 05:57
codepipeline-codebuild
DeployToStaging:
Type: AWS::CodeBuild::Project
Properties:
Name: "Deploy-to-staging" #this is the name that we'll later use to reference this project inside the CodePipeline definition
ServiceRole: !GetAtt
- ResourcesCodePipelineServiceRole #codepipeline will pass this role to the CodeBuild projects so that they have the rights to create/update/delete resources
- Arn
Artifacts:
Type: CODEPIPELINE
Environment:
Policies:
- PolicyName: mypolicy
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Resource: *
Action: *
@andreidiaconu90
andreidiaconu90 / good-iam-role-policy
Last active September 11, 2020 07:19
good-iam-role-policy
Policies:
- PolicyName: my-pipeline-policy
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Resource:
- !Sub "arn:aws:logs:*:${AWS::AccountId}:log-group:/aws/codebuild/*"
- !Sub "arn:aws:logs:*:${AWS::AccountId}:log-group:/aws/codebuild/*:log-stream:*"
Action:
@andreidiaconu90
andreidiaconu90 / codepipeline-service-role
Last active September 11, 2020 07:04
codepipeline-service-role
MyCodePipelineServiceRole:
Type: "AWS::IAM::Role"
Properties:
RoleName: "my-pipeline-role"
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service:
@andreidiaconu90
andreidiaconu90 / webhook-iam-role
Created September 11, 2020 07:11
webhook-iam-role
MyCloudWatchWebHookRole:
Type: "AWS::IAM::Role"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service:
- events.amazonaws.com
@andreidiaconu90
andreidiaconu90 / webhook-definition
Created September 11, 2020 07:16
webhook-definition
MyCloudWatchWebHook:
Type: "AWS::Events::Rule"
Properties:
EventPattern:
source:
- aws.codecommit
detail-type:
- "CodeCommit Repository State Change"
resources:
- !Join
@andreidiaconu90
andreidiaconu90 / default-serverless-example
Created September 18, 2020 10:29
default-serverless-example
service:my service
provider:
name: aws
runtime: nodejs12.x
region: my-region
profile: default
apiGateway:
binaryMediaTypes:
- "application/octet-stream"