No description, website, or topics provided.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github
test
.gitignore
.travis.yml
.yamllint
LICENSE
README.md
module.yml
package.json

README.md

Build Status NPM version

cfn-modules: AWS S3 bucket

AWS S3 bucket with encryption and backups.

Install

Install Node.js and npm first!

npm i @cfn-modules/s3-bucket

Usage

---
AWSTemplateFormatVersion: '2010-09-09'
Description: 'cfn-modules example'
Resources:
  Bucket:
    Type: 'AWS::CloudFormation::Stack'
    Properties:
      Parameters:
        KmsKeyModule: !GetAtt 'Key.Outputs.StackName' # optional
        BucketName: '' # optional
        Access: Private # optional
        Versioning: 'true' # optional
        NoncurrentVersionExpirationInDays: '0' # optional
        ExpirationInDays: '0' # optional
        LambdaEventTargetLambdaModule1: '' # optional
        LambdaEventType1: 's3:ObjectCreated:*' # optional
        LambdaEventTargetLambdaModule2: '' # optional
        LambdaEventType2: 's3:ObjectRemoved:*' # optional
        LambdaEventTargetLambdaModule3: '' # optional
        LambdaEventType3: 's3:ReducedRedundancyLostObject' # optional
      TemplateURL: './node_modules/@cfn-modules/s3-bucket/module.yml'

Parameters

Name Description Default Required? Allowed values
KmsKeyModule Stack name of kms-key module no
BucketName name of the bucket auto generated value no
Access Access policy of the bucket Private no [Private, PublicRead, CloudFrontRead, ElbAccessLogWrite]
Versioning Enable versioning to keep a backup if objects change true no [true, false, 'false-but-was-true']
NoncurrentVersionExpirationInDays Remove noncurrent object versions after days (set to 0 to disable) 0 no [0-N]
ExpirationInDays Remove objects after days (set to 0 to disable). 0 no [0-N]
LambdaEventTargetLambdaModule1 Stack name of lambda-function module to receive events from this S3 bucket. Also grants the Lambda function access to this bucket and this bucket access to the Lambda function. no
LambdaEventType1 S3 bucket events you want to receive (can not be the same as LambdaEventType2 or LambdaEventType3) s3:ObjectCreated:* no Supported event types
LambdaEventTargetLambdaModule2 Stack name of lambda-function module to receive events from this S3 bucket. Also grants the Lambda function access to this bucket and this bucket access to the Lambda function. no
LambdaEventType2 S3 bucket events you want to receive (can not be the same as LambdaEventType1 or LambdaEventType3) s3:ObjectRemoved:* no Supported event types
LambdaEventTargetLambdaModule31 Stack name of lambda-function module to receive events from this S3 bucket. Also grants the Lambda function access to this bucket and this bucket access to the Lambda function. no
LambdaEventType3 S3 bucket events you want to receive (can not be the same as LambdaEventType1 or LambdaEventType2) s3:ReducedRedundancyLostObject no Supported event types

Limitations

  • Secure: Backups are only per object (you can not easily restore the whole bucket to a specific state)
  • Secure: If you connect a Lambda function without setting the BucketName parameter the least privilege principle is softened: Invocations to the Lambda function are allowed from all S3 buckets inside your AWS account.