-
Notifications
You must be signed in to change notification settings - Fork 0
/
formation.json
84 lines (76 loc) · 1.97 KB
/
formation.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
{
"Description" : "For running a dropbox service",
"Resources" : {
"HDropBucket" : {
"Type" : "AWS::S3::Bucket",
"Properties": {
"LifecycleConfiguration": {
"Rules": [
{
"Status": "Enabled",
"ExpirationInDays": 1
}
]
}
}
},
"BucketPolicy" : {
"Type" : "AWS::S3::BucketPolicy",
"Properties" : {
"PolicyDocument": {
"Id" : "Give access to user",
"Statement" : [{
"Sid" : "AllAccess",
"Action" : ["s3:*"],
"Effect" : "Allow",
"Resource" : { "Fn::Join" : ["", ["arn:aws:s3:::", {"Ref" : "HDropBucket"} ]]},
"Principal" : { "AWS": {"Fn::GetAtt" : ["HDropUser", "Arn"]} }
}]
},
"Bucket" : {"Ref" : "HDropBucket"}
}
},
"HDropUser" : {
"Type" : "AWS::IAM::User",
"Properties" : {
"Policies" : [{
"PolicyName" : "S3Access",
"PolicyDocument" : {
"Statement": [
{
"Effect" : "Allow",
"Action" : "s3:ListAllMyBuckets",
"Resource" : "*"
},
{
"Effect" : "Allow",
"Action" : "s3:*",
"Resource" : { "Fn::Join" : ["", ["arn:aws:s3:::", {"Ref" : "HDropBucket"} , "/*"]]}
}
]
}
}]
}
},
"HDropAccessKey" : {
"Type" : "AWS::IAM::AccessKey",
"Properties" : {
"UserName" : { "Ref" : "HDropUser" }
}
}
},
"Outputs" : {
"BUCKETNAME" : {
"Value" : { "Ref" : "HDropBucket" },
"Description" : "Name of newly created customer S3 bucket"
},
"ACCESSKEY" : {
"Value" : { "Ref" : "HDropAccessKey" }
},
"SECRETKEY" : {
"Value" : {
"Fn::GetAtt" : [ "HDropAccessKey", "SecretAccessKey" ]
}
}
}
}