Skip to content

Commit

Permalink
Merge pull request #418 from kddejong/aws/updates/2024/04/23-2
Browse files Browse the repository at this point in the history 
Clean up a majority of community cfn-lint issues
  • Loading branch information
@kddejong
kddejong authored Apr 23, 2024
2 parents 9e8c69f + 4f36cdc commit 5c745e1
Show file tree
Hide file tree
Showing 8 changed files with 93 additions and 76 deletions.
1 change: 1 addition & 0 deletions .cfnlintrc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ templates:
- community/**/*.json
ignore_templates:
- aws/services/CloudFormation/MacrosExamples/**/*
- community/solutions/StaticWebSiteWithPipeline/examples/stackCreationPolicy.json
ignore_checks:
- W3002 # This is for having to deploy templates using aws cloudformation package
- W3005
Expand Down
9 changes: 1 addition & 8 deletions community/services/EC2/ec2_with_waitcondition_template.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,16 +27,9 @@
"ConstraintDescription" : "must be a valid EC2 instance type."
},

"InstanceCount" : {
"Description" : "Basic EC2 instance count",
"Type" : "String",
"Default" : "1",
"ConstraintDescription" : "must be a valid EC2 instance count."
},

"ImageId" : {
"Description" : "Basic instance ami",
"Type" : "String"
"Type" : "AWS::EC2::Image::Id"
},

"VpcId" : {
Expand Down
6 changes: 2 additions & 4 deletions community/services/Lambda/LambdaSample.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,7 @@ Outputs:
- LambdaRole
- Arn
Export:
Name:
Fn::Sub: LambdaRole
Name: LambdaRole
LambdaFunctionName:
Value:
Ref: LambdaFunction
Expand All @@ -37,8 +36,7 @@ Resources:
LambdaRole:
Type: AWS::IAM::Role
Properties:
RoleName:
Fn::Sub: lambda-role
RoleName: lambda-role
AssumeRolePolicyDocument:
Statement:
- Action:
Expand Down
28 changes: 0 additions & 28 deletions community/services/VPC/vpc_template.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,34 +41,6 @@
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings": {
"RegionMap": {
"us-east-1": {
"AMI": "ami-7f418316"
},
"us-west-1": {
"AMI": "ami-951945d0"
},
"us-west-2": {
"AMI": "ami-16fd7026"
},
"eu-west-1": {
"AMI": "ami-24506250"
},
"sa-east-1": {
"AMI": "ami-3e3be423"
},
"ap-southeast-1": {
"AMI": "ami-74dda626"
},
"ap-southeast-2": {
"AMI": "ami-b3990e89"
},
"ap-northeast-1": {
"AMI": "ami-dcfa4edd"
}
}
},
"Resources": {
"VPC": {
"Type": "AWS::EC2::VPC",
Expand Down
6 changes: 3 additions & 3 deletions community/services/apigateway/apigateway_lambda_integration.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -193,7 +193,7 @@
"Ref": "LambdaFunctionName"
},
"MemorySize": "128",
"Runtime": "python3.6",
"Runtime": "python3.8",
"Timeout": "10",
"Role": {
"Fn::GetAtt": [
Expand Down Expand Up @@ -235,7 +235,7 @@
"logs:CreateLogGroup"
],
"Resource": {
"Fn::Sub": "arn:aws:logs:${AWS::Region}:${AWS::AccountId}:*"
"Fn::Sub": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:*"
}
},
{
Expand All @@ -245,7 +245,7 @@
"logs:PutLogEvents"
],
"Resource": {
"Fn::Sub": "arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/${LambdaFunctionName}:*"
"Fn::Sub": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/${LambdaFunctionName}:*"
}
}
]
Expand Down
59 changes: 37 additions & 22 deletions community/solutions/StaticWebSiteWithPipeline/stacks/distribution.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,29 +27,44 @@
"Description" : "The ARN for Valid Public Certificate emited by ACM"
}
},

"Mappings" : {
"Region2S3WebsiteSuffix": {
"us-east-1" : { "Suffix": ".s3-website-us-east-1.amazonaws.com" },
"us-west-1" : { "Suffix": ".s3-website-us-west-1.amazonaws.com" },
"us-west-2" : { "Suffix": ".s3-website-us-west-2.amazonaws.com" },
"eu-west-1" : { "Suffix": ".s3-website-eu-west-1.amazonaws.com" },
"eu-west-2" : { "Suffix": ".s3-website-eu-west-2.amazonaws.com" },
"eu-west-3" : { "Suffix": ".s3-website-eu-west-3.amazonaws.com" },
"ap-northeast-1" : { "Suffix": ".s3-website-ap-northeast-1.amazonaws.com" },
"ap-northeast-2" : { "Suffix": ".s3-website-ap-northeast-2.amazonaws.com" },
"ap-northeast-3" : { "Suffix": ".s3-website-ap-northeast-3.amazonaws.com" },
"ap-southeast-1" : { "Suffix": ".s3-website-ap-southeast-1.amazonaws.com" },
"ap-southeast-2" : { "Suffix": ".s3-website-ap-southeast-2.amazonaws.com" },
"ap-south-1" : { "Suffix": ".s3-website-ap-south-1.amazonaws.com" },
"us-east-2" : { "Suffix": ".s3-website-us-east-2.amazonaws.com" },
"ca-central-1" : { "Suffix": ".s3-website-ca-central-1.amazonaws.com" },
"sa-east-1" : { "Suffix": ".s3-website-sa-east-1.amazonaws.com" },
"cn-north-1" : { "Suffix": ".s3-website.cn-north-1.amazonaws.com.cn" },
"cn-northwest-1" : { "Suffix": ".s3-website.cn-northwest-1.amazonaws.com.cn" },
"eu-central-1" : { "Suffix": ".s3-website-eu-central-1.amazonaws.com" }
"Metadata": {
"cfn-lint": {
"config": {
"regions": [
"af-south-1",
"ap-east-1",
"ap-northeast-1",
"ap-northeast-2",
"ap-northeast-3",
"ap-south-1",
"ap-south-2",
"ap-southeast-1",
"ap-southeast-2",
"ap-southeast-3",
"ap-southeast-4",
"ca-central-1",
"ca-west-1",
"cn-north-1",
"cn-northwest-1",
"il-central-1",
"eu-central-1",
"eu-central-2",
"eu-north-1",
"eu-south-1",
"eu-south-2",
"eu-west-1",
"eu-west-2",
"eu-west-3",
"me-south-1",
"me-central-1",
"sa-east-1",
"us-east-1",
"us-east-2",
"us-west-1",
"us-west-2"
]
}
}

},

"Resources" : {
Expand Down
58 changes: 47 additions & 11 deletions community/solutions/StaticWebSiteWithPipeline/stacks/pipeline.json
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,43 @@
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Cloud Formation Template for Pipeline/Build/Deploy StaticWebSite on S3",

"Metadata": {
"cfn-lint": {
"config": {
"regions": [
"af-south-1",
"ap-east-1",
"ap-northeast-1",
"ap-northeast-2",
"ap-northeast-3",
"ap-south-1",
"ap-south-2",
"ap-southeast-1",
"ap-southeast-2",
"ap-southeast-3",
"ca-central-1",
"cn-north-1",
"cn-northwest-1",
"il-central-1",
"eu-central-1",
"eu-north-1",
"eu-south-1",
"eu-west-1",
"eu-west-2",
"eu-west-3",
"me-south-1",
"me-central-1",
"sa-east-1",
"us-east-1",
"us-east-2",
"us-gov-east-1",
"us-gov-west-1",
"us-west-1",
"us-west-2"
]
}
}
},
"Parameters" : {

"S3BucketForWebSite" : {
Expand Down Expand Up @@ -45,8 +81,8 @@
"Sid": "WriteOnWebSiteBucket",
"Action": ["s3:*"],
"Resource": [
{ "Fn::Sub": [ "arn:aws:s3:::${BucketName}", { "BucketName": {"Ref" : "S3BucketForWebSite" }} ]},
{ "Fn::Sub": [ "arn:aws:s3:::${BucketName}/*", { "BucketName": {"Ref" : "S3BucketForWebSite" }} ]}
{ "Fn::Sub": [ "arn:${AWS::Partition}:s3:::${BucketName}", { "BucketName": {"Ref" : "S3BucketForWebSite" }} ]},
{ "Fn::Sub": [ "arn:${AWS::Partition}:s3:::${BucketName}/*", { "BucketName": {"Ref" : "S3BucketForWebSite" }} ]}
],
"Effect": "Allow"
},
Expand All @@ -73,8 +109,8 @@
"Effect": "Allow",
"Action": ["s3:PutObject", "s3:GetObject", "s3:DeleteObject", "s3:GetObjectVersion", "s3:GetBucketAcl", "s3:PutBucketAcl", "s3:PutObjectAcl", "s3:GetObjectVersion"],
"Resource": [
{ "Fn::Sub": [ "arn:aws:s3:::${BucketName}", { "BucketName": {"Ref" : "S3BucketForArtifacts" }} ]},
{ "Fn::Sub": [ "arn:aws:s3:::${BucketName}/*", { "BucketName": {"Ref" : "S3BucketForArtifacts" }} ]}
{ "Fn::Sub": [ "arn:${AWS::Partition}:s3:::${BucketName}", { "BucketName": {"Ref" : "S3BucketForArtifacts" }} ]},
{ "Fn::Sub": [ "arn:${AWS::Partition}:s3:::${BucketName}/*", { "BucketName": {"Ref" : "S3BucketForArtifacts" }} ]}
]
}
]
Expand Down Expand Up @@ -129,8 +165,8 @@
"Sid": "WriteOnWebSiteBucket",
"Action": ["s3:*"],
"Resource": [
{ "Fn::Sub": [ "arn:aws:s3:::${BucketName}", { "BucketName": {"Ref" : "S3BucketForWebSite" }} ]},
{ "Fn::Sub": [ "arn:aws:s3:::${BucketName}/*", { "BucketName": {"Ref" : "S3BucketForWebSite" }} ]}
{ "Fn::Sub": [ "arn:${AWS::Partition}:s3:::${BucketName}", { "BucketName": {"Ref" : "S3BucketForWebSite" }} ]},
{ "Fn::Sub": [ "arn:${AWS::Partition}:s3:::${BucketName}/*", { "BucketName": {"Ref" : "S3BucketForWebSite" }} ]}
],
"Effect": "Allow"
},
Expand All @@ -145,8 +181,8 @@
"Effect": "Allow",
"Action": ["s3:PutObject", "s3:GetObject", "s3:DeleteObject", "s3:GetObjectVersion", "s3:GetBucketAcl", "s3:PutBucketAcl", "s3:PutObjectAcl", "s3:GetObjectVersion"],
"Resource": [
{ "Fn::Sub": [ "arn:aws:s3:::${BucketName}", { "BucketName": {"Ref" : "S3BucketForArtifacts" }} ]},
{ "Fn::Sub": [ "arn:aws:s3:::${BucketName}/*", { "BucketName": {"Ref" : "S3BucketForArtifacts" }} ]}
{ "Fn::Sub": [ "arn:${AWS::Partition}:s3:::${BucketName}", { "BucketName": {"Ref" : "S3BucketForArtifacts" }} ]},
{ "Fn::Sub": [ "arn:${AWS::Partition}:s3:::${BucketName}/*", { "BucketName": {"Ref" : "S3BucketForArtifacts" }} ]}
]
},
{
Expand Down Expand Up @@ -226,7 +262,7 @@
"Statement": [
{
"Action": ["codepipeline:StartPipelineExecution"],
"Resource": { "Fn::Sub": [ "arn:aws:codepipeline:${Region}:${Account}:${PipelineName}", { "Region": { "Ref" : "AWS::Region" }, "Account": { "Ref" : "AWS::AccountId" }, "PipelineName": {"Ref" : "CodePipeline" }} ]},
"Resource": { "Fn::Sub": [ "arn:${AWS::Partition}:codepipeline:${Region}:${Account}:${PipelineName}", { "Region": { "Ref" : "AWS::Region" }, "Account": { "Ref" : "AWS::AccountId" }, "PipelineName": {"Ref" : "CodePipeline" }} ]},
"Effect": "Allow"
}
]
Expand All @@ -252,7 +288,7 @@

"Targets" : [ {
"Id" : "codepipeline",
"Arn" : { "Fn::Sub": [ "arn:aws:codepipeline:${Region}:${Account}:${PipelineName}", { "Region": { "Ref" : "AWS::Region" }, "Account": { "Ref" : "AWS::AccountId" }, "PipelineName": {"Ref" : "CodePipeline" }} ]},
"Arn" : { "Fn::Sub": [ "arn:${AWS::Partition}:codepipeline:${Region}:${Account}:${PipelineName}", { "Region": { "Ref" : "AWS::Region" }, "Account": { "Ref" : "AWS::AccountId" }, "PipelineName": {"Ref" : "CodePipeline" }} ]},
"RoleArn" : { "Fn::GetAtt" : ["CloudWathEventRole", "Arn"] }
} ]

Expand Down
2 changes: 2 additions & 0 deletions community/solutions/StaticWebSiteWithPipeline/stacks/s3buckets.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
"S3BucketForWebsiteLog" : {
"Type" : "AWS::S3::Bucket",
"DeletionPolicy" : "Retain",
"UpdateReplacePolicy": "Retain",
"Properties" : {
"BucketName" : { "Fn::Join" : [ "", [ "", "logs.", { "Ref" : "HostName" }, ".", { "Ref" : "HostedZoneName" } ] ] },
"AccessControl" : "LogDeliveryWrite"
Expand All @@ -30,6 +31,7 @@
"S3BucketForWebsiteContent" : {
"Type" : "AWS::S3::Bucket",
"DeletionPolicy" : "Retain",
"UpdateReplacePolicy": "Retain",
"DependsOn": ["S3BucketForWebsiteLog"],
"Properties" : {
"BucketName" : { "Fn::Join" : [ "", [ "", { "Ref" : "HostName" }, ".", { "Ref" : "HostedZoneName" } ] ] },
Expand Down

0 comments on commit 5c745e1

Please sign in to comment.