Created
June 19, 2018 17:30
-
-
Save christianklotz/53207b14877cb2b8c0c6f9bb692bee0f to your computer and use it in GitHub Desktop.
CloudFormation template to create S3 bucket resource with custom role
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: 2010-09-09 | |
| Transform: AWS::Serverless-2016-10-31 | |
| Parameters: | |
| BucketPrefix: | |
| Type: String | |
| Description: "The prefix used for all S3 buckets." | |
| AllowedPattern: "[a-z-]+" | |
| Resources: | |
| Assets: | |
| Type: AWS::S3::Bucket | |
| Properties: | |
| BucketName: !Sub "${BucketPrefix}-assets" | |
| CustomRole: | |
| Type: "AWS::IAM::Role" | |
| Properties: | |
| RoleName: !Sub "${AWS::StackName}-CustomRole" | |
| Path: / | |
| AssumeRolePolicyDocument: | |
| Version: 2012-10-17 | |
| Statement: | |
| - # add your own statement here | |
| Policies: | |
| - | |
| PolicyName: !Sub "${AWS::StackName}-CustomRole" | |
| PolicyDocument: | |
| Statement: | |
| - | |
| Effect: Allow | |
| Action: | |
| - s3:PutObject | |
| - s3:GetObject | |
| - s3:PutObjectTagging | |
| Resource: | |
| - !Join ["", ["arn:aws:s3:::", Ref: "BucketPrefix", "-assets", "/*" ]] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment