---
# CloudFormation template: a CodeCommit -> CodeBuild -> CodeDeploy pipeline,
# with a CloudWatch Events rule that reports failed executions through SNS.
AWSTemplateFormatVersion: '2010-09-09'
# Folded scalar: the three lines are joined with single spaces, so the value is
# the same single-line description a plain multi-line scalar would produce.
Description: >-
  Automate provisioning of CodePipeline, CodeCommit, CodeBuild, CloudWatch Events and
  CodeDeploy. **WARNING** This template creates one or more Amazon EC2 instances.
  You will be billed for the AWS resources used if you create a stack from this template.
# Stack inputs. Every value is supplied by whoever creates or updates the stack.
Parameters:
  # Address subscribed to the notification topic (protocol "email").
  EmailAddress:
    Type: String
    Description: Email Address for sending SNS notifications for CodeCommit
  # Branch the pipeline's Source action follows.
  RepositoryBranch:
    Type: String
    Default: master
    Description: The name of the branch for the CodeCommit repo
    # Any number of printable ASCII characters (0x20-0x7E), including none.
    AllowedPattern: '[\x20-\x7E]*'
    ConstraintDescription: Can contain only ASCII characters.
  # TagKey and TagValue together form the EC2 tag filter of the deployment
  # group; TagValue is also passed to the nested EC2 stack.
  TagKey:
    Type: String
    Default: Name
    Description: >-
      The tag name that is associated with EC2 instances on which CodeDeploy
      agent is installed
  TagValue:
    Type: String
    Default: CodeDeployEC2Tag
    Description: The tag value that identifies this as a target for deployments.
    AllowedPattern: '[\x20-\x7E]*'
    ConstraintDescription: Can contain only ASCII characters.
  # The AWS-specific parameter type makes CloudFormation check that the key
  # pair exists. Holders of the matching private key get SSH access to the
  # instances, so choose a key pair with a known, limited set of holders.
  KeyName:
    Type: AWS::EC2::KeyPair::KeyName
    Description: >-
      Name of an existing Amazon EC2 key pair to enable SSH access to the
      instances.
    MinLength: '1'
    MaxLength: '255'
    AllowedPattern: '[\x20-\x7E]*'
    ConstraintDescription: Can contain only ASCII characters.
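# Console presentation only: grouping and display labels for the parameters.
Metadata:
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: Dynamic Configuration
        Parameters:
          - KeyName
          - RepositoryBranch
    # Labels exist only for declared parameters. The stale RepositoryName
    # label was dropped: the template declares no such parameter and takes the
    # repository name from AWS::StackName instead.
    ParameterLabels:
      KeyName:
        default: EC2 KeyPair Name
      RepositoryBranch:
        default: CodeCommit Repository Branch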
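Resources:
  # Sends a message to MySNSTopic whenever a CodePipeline execution enters the
  # FAILED state. The pattern does not filter on a pipeline name, so failures
  # of any pipeline visible to this rule are reported to the same topic.
  # NOTE(review): nothing in this template grants events.amazonaws.com
  # sns:Publish on the topic - confirm that delivery works; if it does not,
  # add an AWS::SNS::TopicPolicy that also keeps the CodeCommit trigger able
  # to publish.
  EventRule:
    Type: AWS::Events::Rule
    Properties:
      Description: EventRule
      EventPattern:
        source:
          - aws.codepipeline
        detail-type:
          - CodePipeline Pipeline Execution State Change
        detail:
          state:
            - FAILED
      State: ENABLED
      Targets:
        - Arn:
            Ref: MySNSTopic
          Id: PipelineNotificationTopic
          InputTransformer:
            InputPathsMap:
              pipeline: '$.detail.pipeline'
            # Fn::Sub expands only ${...}; the <pipeline> placeholders are left
            # for the input transformer. The console link follows the stack's
            # region instead of a hard-coded us-east-1.
            InputTemplate:
              Fn::Sub: >-
                "The Pipeline <pipeline> has failed. Go to
                https://console.aws.amazon.com/codepipeline/home?region=${AWS::Region}#/view/<pipeline>"

  # Artifact store of the pipeline (source archives and build output).
  # Default encryption and a full public-access block are set explicitly so the
  # bucket does not depend on account-level defaults.
  # NOTE(review): DeletionPolicy Delete removes the bucket with the stack, but
  # S3 refuses to delete a bucket that still holds objects - empty it first.
  ArtifactBucket:
    Type: AWS::S3::Bucket
    DeletionPolicy: Delete
    Properties:
      BucketEncryption:
        ServerSideEncryptionConfiguration:
          - ServerSideEncryptionByDefault:
              SSEAlgorithm: AES256
      PublicAccessBlockConfiguration:
        BlockPublicAcls: true
        BlockPublicPolicy: true
        IgnorePublicAcls: true
        RestrictPublicBuckets: true

  # Service role assumed by CodeBuild. A build runs commands that come from the
  # repository, so whatever this role may do is effectively available to anyone
  # who can push to it. The policy therefore replaces the former
  # Action "*" / Resource "*" grant with what the project in this template
  # needs: its own log group, the artifact bucket and the source repository.
  # If the buildspec calls other AWS APIs, add those actions explicitly with
  # the narrowest resource that works.
  CodeBuildRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - codebuild.amazonaws.com
            Action:
              - sts:AssumeRole
      Path: /
      Policies:
        - PolicyName: codebuild-service
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              # The project is named after the stack, so its default log group
              # is /aws/codebuild/<stack name>.
              - Sid: WriteBuildLogs
                Effect: Allow
                Action:
                  - logs:CreateLogGroup
                  - logs:CreateLogStream
                  - logs:PutLogEvents
                Resource:
                  - Fn::Sub: 'arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/codebuild/${AWS::StackName}'
                  - Fn::Sub: 'arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/codebuild/${AWS::StackName}:*'
              - Sid: ReadWritePipelineArtifacts
                Effect: Allow
                Action:
                  - s3:GetObject
                  - s3:GetObjectVersion
                  - s3:PutObject
                Resource:
                  - Fn::Sub: '${ArtifactBucket.Arn}/*'
              - Sid: InspectArtifactBucket
                Effect: Allow
                Action:
                  - s3:GetBucketAcl
                  - s3:GetBucketLocation
                Resource:
                  - Fn::GetAtt:
                      - ArtifactBucket
                      - Arn
              - Sid: PullSource
                Effect: Allow
                Action:
                  - codecommit:GitPull
                Resource:
                  - Fn::GetAtt:
                      - CodeCommitRepo
                      - Arn

  # Service role assumed by CodePipeline. Permissions are limited to the three
  # providers the pipeline below uses (CodeCommit, CodeBuild, CodeDeploy) and
  # to the artifact bucket. The earlier service-wide wildcards (ec2:*, s3:*,
  # rds:*, cloudformation:*, ...), iam:PassRole on every role and the Lambda
  # actions were dropped because no stage in this template uses them.
  CodePipelineRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - codepipeline.amazonaws.com
            Action:
              - sts:AssumeRole
      Path: /
      Policies:
        - PolicyName: codepipeline-service
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Sid: ReadSourceRepository
                Effect: Allow
                Action:
                  - codecommit:GetBranch
                  - codecommit:GetCommit
                  - codecommit:UploadArchive
                  - codecommit:GetUploadArchiveStatus
                  - codecommit:CancelUploadArchive
                Resource:
                  - Fn::GetAtt:
                      - CodeCommitRepo
                      - Arn
              - Sid: RunBuildProject
                Effect: Allow
                Action:
                  - codebuild:StartBuild
                  - codebuild:BatchGetBuilds
                Resource:
                  - Fn::GetAtt:
                      - CodeBuildWebsite
                      - Arn
              - Sid: ReadWriteArtifacts
                Effect: Allow
                Action:
                  - s3:GetObject
                  - s3:GetObjectVersion
                  - s3:PutObject
                Resource:
                  - Fn::Sub: '${ArtifactBucket.Arn}/*'
              - Sid: InspectArtifactBucket
                Effect: Allow
                Action:
                  - s3:GetBucketVersioning
                Resource:
                  - Fn::GetAtt:
                      - ArtifactBucket
                      - Arn
              # Kept as in the original policy: a fixed list of CodeDeploy
              # actions on all resources.
              - Sid: DeployRevision
                Effect: Allow
                Action:
                  - codedeploy:CreateDeployment
                  - codedeploy:GetApplicationRevision
                  - codedeploy:GetDeployment
                  - codedeploy:GetDeploymentConfig
                  - codedeploy:RegisterApplicationRevision
                Resource: '*'

  # Build project named after the stack. Both actions of the pipeline's Build
  # stage run this one project.
  # NOTE(review): the build image tag is pinned to 2.1.6 - confirm the image is
  # still maintained before reusing this template.
  CodeBuildWebsite:
    Type: AWS::CodeBuild::Project
    DependsOn: CodeBuildRole
    Properties:
      Name:
        Ref: AWS::StackName
      Description: Build application
      ServiceRole:
        Fn::GetAtt:
          - CodeBuildRole
          - Arn
      Artifacts:
        Type: no_artifacts
      Environment:
        Type: LINUX_CONTAINER
        ComputeType: BUILD_GENERAL1_SMALL
        Image: aws/codebuild/eb-ruby-2.3-amazonlinux-64:2.1.6
      Source:
        # HTTPS clone URL of the repository, which is also named after the stack.
        Location:
          Fn::Join:
            - ''
            - - https://git-codecommit.
              - Ref: AWS::Region
              - .amazonaws.com/v1/repos/
              - Ref: AWS::StackName
        Type: CODECOMMIT
      TimeoutInMinutes: 10
      Tags:
        - Key: Owner
          Value: MyCodeBuildProject

  # Notification topic, used by both the EventRule target and the CodeCommit
  # trigger. An email subscription stays pending until the recipient confirms it.
  MySNSTopic:
    Type: AWS::SNS::Topic
    Properties:
      Subscription:
        - Endpoint:
            Ref: EmailAddress
          Protocol: email

  # Nested stack that creates the EC2 deployment targets and the CodeDeploy
  # trust role (read below through Outputs.CodeDeployTrustRoleARN).
  # NOTE(review): the template is fetched at deploy time from a bucket this
  # stack does not own, so whoever can write to that object decides which EC2
  # and IAM resources are created in this account. Review the template and
  # host a copy in a bucket you control before using this outside a lab.
  CodeDeployEC2InstancesStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://s3.amazonaws.com/stelligent-public/cloudformation-templates/github/labs/codebuild/CodeDeploy_SampleCF_Template.json
      TimeoutInMinutes: '60'
      Parameters:
        TagValue:
          Ref: TagValue
        KeyPairName:
          Ref: KeyName

  # Source repository, named after the stack. The trigger lists no branches
  # and subscribes to all events, and publishes them to MySNSTopic.
  CodeCommitRepo:
    Type: AWS::CodeCommit::Repository
    Properties:
      RepositoryName:
        Ref: AWS::StackName
      RepositoryDescription: CodeCommit Repository for Sample EC2 CodeDeploy Solution
      Triggers:
        - Name: MasterTrigger
          CustomData:
            Ref: AWS::StackName
          DestinationArn:
            Ref: MySNSTopic
          Events:
            - all

  # Created only after the nested EC2 stack has finished.
  MyApplication:
    Type: AWS::CodeDeploy::Application
    DependsOn: CodeDeployEC2InstancesStack

  # Deploys one instance at a time to every EC2 instance whose tag matches
  # TagKey/TagValue. Any instance in the account and region carrying that tag
  # becomes a target, so keep the ability to tag instances restricted.
  MyDeploymentGroup:
    Type: AWS::CodeDeploy::DeploymentGroup
    DependsOn: MyApplication
    Properties:
      ApplicationName:
        Ref: MyApplication
      DeploymentConfigName: CodeDeployDefault.OneAtATime
      Ec2TagFilters:
        - Key:
            Ref: TagKey
          Value:
            Ref: TagValue
          Type: KEY_AND_VALUE
      ServiceRoleArn:
        Fn::GetAtt:
          - CodeDeployEC2InstancesStack
          - Outputs.CodeDeployTrustRoleARN

  # Three-stage pipeline: Source (CodeCommit) -> Build (CodeBuild) -> Deploy
  # (CodeDeploy). There is no manual approval before DeployToProd.
  CodePipelineStack:
    Type: AWS::CodePipeline::Pipeline
    DependsOn: CodeBuildWebsite
    Properties:
      # The role's Arn attribute replaces the hand-joined "arn:aws:iam::" string.
      RoleArn:
        Fn::GetAtt:
          - CodePipelineRole
          - Arn
      Stages:
        - Name: Source
          Actions:
            - Name: Source
              InputArtifacts: []
              ActionTypeId:
                Category: Source
                Owner: AWS
                Version: '1'
                Provider: CodeCommit
              OutputArtifacts:
                - Name: MyApp
              Configuration:
                BranchName:
                  Ref: RepositoryBranch
                RepositoryName:
                  Ref: AWS::StackName
              RunOrder: 1
        - Name: Build
          Actions:
            # Both actions have RunOrder 1 and use the same project, so they
            # start in parallel; the stage fails if either of them fails.
            - Name: cfn_nag
              InputArtifacts:
                - Name: MyApp
              ActionTypeId:
                Category: Test
                Owner: AWS
                Version: '1'
                Provider: CodeBuild
              OutputArtifacts: []
              Configuration:
                ProjectName:
                  Ref: CodeBuildWebsite
              RunOrder: 1
            - Name: Build
              InputArtifacts:
                - Name: MyApp
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: '1'
                Provider: CodeBuild
              OutputArtifacts:
                - Name: MyAppBuild
              Configuration:
                ProjectName:
                  Ref: CodeBuildWebsite
              RunOrder: 1
        - Name: Deploy
          Actions:
            - Name: DeployToProd
              InputArtifacts:
                - Name: MyAppBuild
              ActionTypeId:
                Category: Deploy
                Owner: AWS
                Version: '1'
                Provider: CodeDeploy
              OutputArtifacts: []
              Configuration:
                ApplicationName:
                  Ref: MyApplication
                DeploymentGroupName:
                  Ref: MyDeploymentGroup
              RunOrder: 1
      ArtifactStore:
        Type: S3
        Location:
          Ref: ArtifactBucket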
# Convenience links shown once the stack is created. Each Fn::Sub string
# expands to the same value as the Fn::Join list it replaces.
Outputs:
  # Console page of the pipeline; ${CodePipelineStack} resolves like Ref.
  PipelineUrl:
    Description: CodePipeline URL
    Value:
      Fn::Sub: 'https://console.aws.amazon.com/codepipeline/home?region=${AWS::Region}#/view/${CodePipelineStack}'
  # Deployments list of the CodeDeploy console in the stack's region.
  CodeDeployURL:
    Description: CodeDeploy URL
    Value:
      Fn::Sub: 'https://console.aws.amazon.com/codedeploy/home?region=${AWS::Region}#/deployments/'
  # Ready-to-paste clone command for the repository named after the stack.
  GitCloneCommand:
    Description: Git Repository URL
    Value:
      Fn::Sub: 'git clone https://git-codecommit.${AWS::Region}.amazonaws.com/v1/repos/${AWS::StackName}/'