Skip to content

Instantly share code, notes, and snippets.

@kkpoon

kkpoon/CICD_UPDATE_S3_CLOUDFRONT.md

Last active March 25, 2019 02:04
Show Gist options
  • Save kkpoon/e667becbc9b8ee0c5e7b29af60606248 to your computer and use it in GitHub Desktop.
Save kkpoon/e667becbc9b8ee0c5e7b29af60606248 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
CICD_UPDATE_S3_CLOUDFRONT.md

To setup AWS S3 for your CI/CD,

  1. Create S3 buckets for deployment

  2. Create an IAM user

aws iam create-user --user-name ci-bot

S3 permissions for update web content

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::BUCKET_FOR_DEVELOPMENT",
                "arn:aws:s3:::BUCKET_FOR_STAGING",
                "arn:aws:s3:::BUCKET_FOR_PRODUCTION"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::BUCKET_FOR_DEVELOPMENT/*",
                "arn:aws:s3:::BUCKET_FOR_STAGING/*",
                "arn:aws:s3:::BUCKET_FOR_PRODUCTION/*"
            ]
        }
    ]
}

CloudFront permissions for invalidating cache

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "cloudfront:CreateInvalidation",
            "Resource": "*"
        }
    ]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment