diff --git a/samples/sample-cdk-app/README.md b/samples/sample-cdk-app/README.md index 52a498201..1ca20c8db 100644 --- a/samples/sample-cdk-app/README.md +++ b/samples/sample-cdk-app/README.md @@ -1,6 +1,6 @@ # Sample CDK Application to showcase ADF Pipelines -This pipeline is expecting *(in the example case)* a AWS CodeCommit repository +This pipeline is expecting *(in the example case)* an AWS CodeCommit repository on the account `111111111111` in your main deployment region named *sample-cdk-application*. diff --git a/samples/sample-cdk-bootstrap/README.md b/samples/sample-cdk-bootstrap/README.md new file mode 100644 index 000000000..a38f2c2bc --- /dev/null +++ b/samples/sample-cdk-bootstrap/README.md @@ -0,0 +1,23 @@ +# Sample CDK Bootstrap pipeline + +This pipeline is expecting *(in the example case)* an AWS CodeCommit repository +on the account `111111111111` in your main deployment region named +*sample-cdk-bootstrap*. + +## Deployment Map example + +```yaml + - name: sample-cdk-bootstrap + default_providers: + source: + provider: codecommit + properties: + account_id: 111111111111 + build: + provider: codebuild + properties: + image: "STANDARD_7_0" + targets: + - /banking/testing + - /banking/production +``` diff --git a/samples/sample-cdk-bootstrap/buildspec.yml b/samples/sample-cdk-bootstrap/buildspec.yml new file mode 100644 index 000000000..7c7560f00 --- /dev/null +++ b/samples/sample-cdk-bootstrap/buildspec.yml @@ -0,0 +1,22 @@ +# Copyright Amazon.com Inc. or its affiliates. +# SPDX-License-Identifier: Apache-2.0 + +version: 0.2 + +phases: + install: + runtime-versions: + python: 3.12 + nodejs: 20 + commands: + - aws s3 cp s3://$S3_BUCKET_NAME/adf-build/ adf-build/ --recursive --quiet + - pip install -r adf-build/requirements.txt -q + - python adf-build/generate_params.py + + build: + commands: + - npm install aws-cdk -g + - cdk bootstrap --show-template > template.yml + +artifacts: + files: '**/*' diff --git a/samples/sample-cdk-bootstrap/params/global.yml b/samples/sample-cdk-bootstrap/params/global.yml new file mode 100644 index 000000000..bb77230ef --- /dev/null +++ b/samples/sample-cdk-bootstrap/params/global.yml @@ -0,0 +1,62 @@ +# Copyright Amazon.com Inc. or its affiliates. +# SPDX-License-Identifier: Apache-2.0 +# +# Parameters of the CDK Bootstrap stack: +# TrustedAccounts: +# Description: List of AWS accounts that are trusted to publish assets and deploy stacks to this environment +# Default: "" +# Type: CommaDelimitedList +# TrustedAccountsForLookup: +# Description: List of AWS accounts that are trusted to look up values in this environment +# Default: "" +# Type: CommaDelimitedList +# CloudFormationExecutionPolicies: +# Description: List of the ManagedPolicy ARN(s) to attach to the CloudFormation deployment role +# Default: "" +# Type: CommaDelimitedList +# FileAssetsBucketName: +# Description: The name of the S3 bucket used for file assets +# Default: "" +# Type: String +# FileAssetsBucketKmsKeyId: +# Description: Empty to create a new key (default), 'AWS_MANAGED_KEY' to use a managed S3 key, or the ID/ARN of an existing key. +# Default: "" +# Type: String +# ContainerAssetsRepositoryName: +# Description: A user-provided custom name to use for the container assets ECR repository +# Default: "" +# Type: String +# Qualifier: +# Description: An identifier to distinguish multiple bootstrap stacks in the same environment +# Default: hnb659fds +# Type: String +# AllowedPattern: "[A-Za-z0-9_-]{1,10}" +# ConstraintDescription: Qualifier must be an alphanumeric identifier of at most 10 characters +# PublicAccessBlockConfiguration: +# Description: Whether or not to enable S3 Staging Bucket Public Access Block Configuration +# Default: "true" +# Type: String +# AllowedValues: +# - "true" +# - "false" +# InputPermissionsBoundary: +# Description: Whether or not to use either the CDK supplied or custom permissions boundary +# Default: "" +# Type: String +# UseExamplePermissionsBoundary: +# Default: "false" +# AllowedValues: +# - "true" +# - "false" +# Type: String +# BootstrapVariant: +# Type: String +# Default: "AWS CDK: Default Resources" + +Parameters: + TrustedAccounts: 'resolve:/adf/deployment_account_id' + TrustedAccountsForLookup: 'resolve:/adf/deployment_account_id' + +Tags: + Repository: sample-codebuild-vpc-repo + App: Sample CodeBuild VPC application diff --git a/samples/sample-ec2-java-app-codedeploy/pom.xml b/samples/sample-ec2-java-app-codedeploy/pom.xml index 750b24e40..25fe8c9fd 100644 --- a/samples/sample-ec2-java-app-codedeploy/pom.xml +++ b/samples/sample-ec2-java-app-codedeploy/pom.xml @@ -1,11 +1,11 @@ - - - 4.0.0 + + + org.springframework gs-spring-boot 0.1.0 diff --git a/samples/sample-ec2-with-codedeploy/README.md b/samples/sample-ec2-with-codedeploy/README.md index 8baec3154..89c37cfd0 100644 --- a/samples/sample-ec2-with-codedeploy/README.md +++ b/samples/sample-ec2-with-codedeploy/README.md @@ -5,10 +5,6 @@ is aimed at showcasing how to deploy a basic Spring Boot application with [AWS CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/welcome.html) via ADF. -This stack assumes an Amazon EC2 -[Key Pair](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) -has been created in the target accounts. - This stack is a generic stack for applications that run on Amazon EC2. This stack could be extended and used as a base for all line of business type applications that run Amazon EC2. diff --git a/samples/sample-ec2-with-codedeploy/params/global.yml b/samples/sample-ec2-with-codedeploy/params/global.yml index bf195181f..1d6873964 100644 --- a/samples/sample-ec2-with-codedeploy/params/global.yml +++ b/samples/sample-ec2-with-codedeploy/params/global.yml @@ -6,8 +6,7 @@ Parameters: ApplicationName: "sample" InstanceMaxSize: "3" InstanceMinSize: "1" - ImageId: "resolve:/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2" + ImageId: "resolve:/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64" InstanceType: "t3.micro" CodeDeployAgentInstallScript: "upload:path:scripts/install-codedeploy.sh" JavaInstallScript: "upload:path:scripts/install-deps.sh" - KeyPair: "some_key_pair" diff --git a/samples/sample-ec2-with-codedeploy/scripts/install-codedeploy.sh b/samples/sample-ec2-with-codedeploy/scripts/install-codedeploy.sh index 3523b17db..640d8f748 100755 --- a/samples/sample-ec2-with-codedeploy/scripts/install-codedeploy.sh +++ b/samples/sample-ec2-with-codedeploy/scripts/install-codedeploy.sh @@ -7,10 +7,11 @@ set -xe ## Code Deploy Agent Bootstrap Script ## -exec > >(tee /var/log/user-data.log | logger -t user-data -s 2> /dev/console) 2>&1 +exec > >(sudo tee /var/log/user-data.log | logger -t user-data -s 2> /dev/console) 2>&1 AUTOUPDATE=false function installdep() { + echo "Installing dependencies..." if [ ${PLAT} = "ubuntu" ]; then apt-get -y update # Satisfying even Ubuntu older versions. @@ -19,6 +20,7 @@ function installdep() { yum -y update yum install -y aws-cli ruby jq fi + echo "Done installing dependencies." } function platformize() { @@ -36,39 +38,15 @@ function platformize() { } function execute() { - if [ ${PLAT} = "ubuntu" ]; then - cd /tmp/ - wget https://aws-codedeploy-${REGION}.s3.${REGION}.amazonaws.com/latest/install - chmod +x ./install - - if ./install auto; then - echo "Installation completed" - if ! ${AUTOUPDATE}; then - echo "Disabling Auto Update" - sed -i '/@reboot/d' /etc/cron.d/codedeploy-agent-update - chattr +i /etc/cron.d/codedeploy-agent-update - rm -f /tmp/install - fi - exit 0 - else - echo "Installation script failed, please investigate" - rm -f /tmp/install - exit 1 - fi - - elif [ ${PLAT} = "amz" ]; then + if [[ "${PLAT}" = "ubuntu" ]] || [[ "${PLAT}" = "amz" ]]; then + echo "Downloading CodeDeploy Agent..." cd /tmp/ wget https://aws-codedeploy-${REGION}.s3.${REGION}.amazonaws.com/latest/install chmod +x ./install + echo "Installing CodeDeploy Agent..." if ./install auto; then echo "Installation completed" - if ! ${AUTOUPDATE}; then - echo "Disabling auto update" - sed -i '/@reboot/d' /etc/cron.d/codedeploy-agent-update - chattr +i /etc/cron.d/codedeploy-agent-update - rm -f /tmp/install - fi exit 0 else echo "Installation script failed, please investigate" @@ -83,5 +61,6 @@ function execute() { platformize installdep -REGION=$(curl -s 169.254.169.254/latest/dynamic/instance-identity/document | jq -r ".region") +export TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600") +export REGION=$(curl -H "X-aws-ec2-metadata-token: ${TOKEN}" -s http://169.254.169.254/latest/dynamic/instance-identity/document | jq -r ".region") execute diff --git a/samples/sample-ec2-with-codedeploy/scripts/install-deps.sh b/samples/sample-ec2-with-codedeploy/scripts/install-deps.sh index 08d8d0e3c..f2b425ab0 100755 --- a/samples/sample-ec2-with-codedeploy/scripts/install-deps.sh +++ b/samples/sample-ec2-with-codedeploy/scripts/install-deps.sh @@ -1,8 +1,10 @@ -#!/bin/bash +#!/usr/bin/env bash # Copyright Amazon.com Inc. or its affiliates. # SPDX-License-Identifier: Apache-2.0 +set -xe + # install apache httpd sudo yum install httpd -y @@ -10,15 +12,12 @@ sudo yum install httpd -y curl -s "https://get.sdkman.io" | bash source "$HOME/.sdkman/bin/sdkman-init.sh" -# install Java 8 -sudo yum install java-1.8.0 -y -# remove Java 1.7 -sudo yum remove java-1.7.0-openjdk -y +# install Java +sudo yum install -y java-17-amazon-corretto-headless # install Maven -sudo wget http://repos.fedorapeople.org/repos/dchen/apache-maven/epel-apache-maven.repo -O /etc/yum.repos.d/epel-apache-maven.repo -sudo sed -i s/\$releasever/7/g /etc/yum.repos.d/epel-apache-maven.repo -sudo yum install -y apache-maven +yum -y update +sudo yum install -y maven # sdk version java -version @@ -30,7 +29,7 @@ sdk install springboot # create a springboot user to run the app as a service sudo useradd springboot # springboot login shell disabled -sudo chsh -s /sbin/nologin springboot +sudo usermod --shell /sbin/nologin springboot # forward port 80 to 8080 echo " @@ -42,8 +41,8 @@ echo " " | sudo tee -a /etc/httpd/conf/httpd.conf > /dev/null # start the httpd service now and stop it until userdata -sudo service httpd start -sudo service httpd stop +sudo systemctl start httpd +sudo systemctl stop httpd # ensure httpd stays on -sudo chkconfig httpd on +sudo systemctl enable httpd diff --git a/samples/sample-ec2-with-codedeploy/template.yml b/samples/sample-ec2-with-codedeploy/template.yml index ab1dddd04..dacc06e07 100644 --- a/samples/sample-ec2-with-codedeploy/template.yml +++ b/samples/sample-ec2-with-codedeploy/template.yml @@ -52,10 +52,6 @@ Parameters: ConstraintDescription: "Must be one of the values from the list." Description: "Instance type for the EC2 instances." - KeyPair: - Description: "Amazon EC2 Key Pair" - Type: "AWS::EC2::KeyPair::KeyName" - Resources: AutoScalingGroup: Type: "AWS::AutoScaling::AutoScalingGroup" @@ -71,7 +67,9 @@ Resources: AvailabilityZones: !GetAZs "" MinSize: !Ref "InstanceMinSize" MaxSize: !Ref "InstanceMaxSize" - LaunchConfigurationName: !Ref "LaunchConfiguration" + LaunchTemplate: + LaunchTemplateId: !GetAtt LaunchTemplate.LaunchTemplateId + Version: !GetAtt LaunchTemplate.LatestVersionNumber MetricsCollection: - Granularity: "1Minute" TerminationPolicies: @@ -108,32 +106,40 @@ Resources: AutoScalingGroups: - !Ref "AutoScalingGroup" - LaunchConfiguration: - Type: "AWS::AutoScaling::LaunchConfiguration" + LaunchTemplate: + Type: "AWS::EC2::LaunchTemplate" Properties: - AssociatePublicIpAddress: false - IamInstanceProfile: !ImportValue "GlobalInstanceProfileArn" - ImageId: !Ref "ImageId" - InstanceType: !Ref "InstanceType" - KeyName: !Ref "KeyPair" - SecurityGroups: - - !Ref "PrivateSecurityGroup" - UserData: - "Fn::Base64": !Sub | - #!/bin/bash - BUCKET_NAME=$(echo ${CodeDeployAgentInstallScript} | sed 's/^.*adf-global-base/adf-global-base/' |sed 's/\/.*//') - KEY=$(echo ${CodeDeployAgentInstallScript} | sed 's/^.*adf-upload/adf-upload/') - aws s3api get-object --bucket $BUCKET_NAME --key $KEY /tmp/code_deploy_install.sh + LaunchTemplateName: !Sub ${AWS::StackName}-launch-template + LaunchTemplateData: + IamInstanceProfile: + Arn: !ImportValue IamInstanceProfile + ImageId: !Ref "ImageId" + InstanceType: !Ref "InstanceType" + MetadataOptions: + HttpEndpoint: enabled + HttpPutResponseHopLimit: 2 + HttpTokens: required + NetworkInterfaces: + - AssociatePublicIpAddress: false + DeviceIndex: 0 + Groups: + - !Ref "PrivateSecurityGroup" + UserData: + "Fn::Base64": !Sub | + #!/bin/bash + BUCKET_NAME=$(echo "${CodeDeployAgentInstallScript}" | sed 's/^.*adf-global-base/adf-global-base/' | sed 's/\/.*//') + KEY=$(echo "${CodeDeployAgentInstallScript}" | sed 's/^.*adf-upload/adf-upload/') + aws s3api get-object --bucket "${!BUCKET_NAME}" --key "${!KEY}" /tmp/code_deploy_install.sh - BUCKET_NAME=$(echo ${JavaInstallScript} | sed 's/^.*adf-global-base/adf-global-base/' |sed 's/\/.*//') - KEY=$(echo ${JavaInstallScript} | sed 's/^.*adf-upload/adf-upload/') - aws s3api get-object --bucket $BUCKET_NAME --key $KEY /tmp/java_install.sh + BUCKET_NAME=$(echo "${JavaInstallScript}" | sed 's/^.*adf-global-base/adf-global-base/' |sed 's/\/.*//') + KEY=$(echo "${JavaInstallScript}" | sed 's/^.*adf-upload/adf-upload/') + aws s3api get-object --bucket "${!BUCKET_NAME}" --key "${!KEY}" /tmp/java_install.sh - chmod +x /tmp/java_install.sh - chmod +x /tmp/code_deploy_install.sh - /tmp/code_deploy_install.sh - /tmp/java_install.sh - /opt/aws/bin/cfn-signal -e 0 --stack ${AWS::StackName} --resource AutoScalingGroup --region ${AWS::Region} + chmod +x /tmp/java_install.sh + chmod +x /tmp/code_deploy_install.sh + /tmp/code_deploy_install.sh + /tmp/java_install.sh + /opt/aws/bin/cfn-signal -e 0 --stack "${AWS::StackName}" --resource AutoScalingGroup --region "${AWS::Region}" PrivateSecurityGroup: Type: AWS::EC2::SecurityGroup diff --git a/samples/sample-ecs-cluster/README.md b/samples/sample-ecs-cluster/README.md index d7d6c809a..7e0344a09 100644 --- a/samples/sample-ecs-cluster/README.md +++ b/samples/sample-ecs-cluster/README.md @@ -1,5 +1,10 @@ # Sample ECS Cluster to showcase ADF Pipelines +## Prerequisites + +Please make sure you deploy the `sample-vpc` example before you deploy +this sample. The VPC should be deployed to the same target accounts and region. + ## Deployment Map example ```yaml diff --git a/samples/sample-ecs-cluster/template.yml b/samples/sample-ecs-cluster/template.yml index c9d1a0d7c..ac2ceed18 100644 --- a/samples/sample-ecs-cluster/template.yml +++ b/samples/sample-ecs-cluster/template.yml @@ -170,11 +170,11 @@ Outputs: Export: Name: 'ClusterName' - LoadBalancerExternalUrl: + ECSLoadBalancerExternalUrl: Description: The url of the external load balancer Value: !Sub http://${PublicLoadBalancer.DNSName} Export: - Name: 'LoadBalancerExternalUrl' + Name: 'ECSLoadBalancerExternalUrl' ECSRole: Description: The ARN of the ECS role diff --git a/samples/sample-fargate-node-app/Dockerfile b/samples/sample-fargate-node-app/Dockerfile index 09e956fc4..59cddd091 100644 --- a/samples/sample-fargate-node-app/Dockerfile +++ b/samples/sample-fargate-node-app/Dockerfile @@ -1,7 +1,7 @@ # Copyright Amazon.com Inc. or its affiliates. # SPDX-License-Identifier: Apache-2.0 -FROM node:current-alpine +FROM public.ecr.aws/docker/library/node:current-alpine WORKDIR /app COPY . . RUN npm install diff --git a/samples/sample-fargate-node-app/README.md b/samples/sample-fargate-node-app/README.md index 63e39396a..18f3b5197 100644 --- a/samples/sample-fargate-node-app/README.md +++ b/samples/sample-fargate-node-app/README.md @@ -1,9 +1,20 @@ # Sample NodeJS Web Application running on AWS Fargate +## Prerequisites + +Please make sure you deploy the `sample-ecr-repository` and +`sample-ecs-cluster` examples before you deploy this sample. +The ECS cluster should be deployed to the same target accounts and region. + +If you want to change the region to another region, please make sure to rename +the `params/global_eu-west-1.json` file to use the new region name. +For example: `params/global_us-east-1.json`. +Also update the regions list in the deployment map for this example. + ## Deployment Map example ```yaml - - name: sample-node-app + - name: sample-fargate-node-app default_providers: source: provider: codecommit @@ -17,6 +28,8 @@ # ^ Required for Docker in Docker to work as expected (since # CodeBuild will run our docker commands to create and push our # image). + regions: + - eu-west-1 targets: # Example Targets: These accounts/regions have had the sample-vpc deployed - 222222222222 diff --git a/samples/sample-fargate-node-app/build/docker.sh b/samples/sample-fargate-node-app/build/docker.sh index 01a3dc7f0..235b517fa 100755 --- a/samples/sample-fargate-node-app/build/docker.sh +++ b/samples/sample-fargate-node-app/build/docker.sh @@ -5,14 +5,21 @@ set -e -$(aws ecr get-login --region $AWS_REGION --no-include-email) -REPOSITORY_URI=$ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ADF_PROJECT_NAME +aws ecr get-login-password --region ${AWS_REGION} | docker login --username AWS --password-stdin ${ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com +REPOSITORY_URI="${ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/${ADF_PROJECT_NAME}" IMAGE_TAG=$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | cut -c 1-7) -docker build -t $REPOSITORY_URI:latest . -docker tag $REPOSITORY_URI:latest $REPOSITORY_URI:$IMAGE_TAG -docker push $REPOSITORY_URI:latest -docker push $REPOSITORY_URI:$IMAGE_TAG +docker build -t "${REPOSITORY_URI}:latest" . +docker tag "${REPOSITORY_URI}:latest" "${REPOSITORY_URI}:${IMAGE_TAG}" +docker push "${REPOSITORY_URI}:latest" +docker push "${REPOSITORY_URI}:${IMAGE_TAG}" tmp=$(mktemp) -jq --arg REPOSITORY_URI "$REPOSITORY_URI" --arg IMAGE_TAG "$IMAGE_TAG" '.Parameters.Image = $REPOSITORY_URI+":"+$IMAGE_TAG' params/global.json > "$tmp" && mv "$tmp" params/global.json +jq \ + --arg REPOSITORY_URI "$REPOSITORY_URI" \ + --arg IMAGE_TAG "$IMAGE_TAG" \ + '.Parameters.Image = $REPOSITORY_URI+":"+$IMAGE_TAG' \ + "params/global_${AWS_REGION}.json" \ + > "$tmp" + +mv "$tmp" "params/global_${AWS_REGION}.json" diff --git a/samples/sample-fargate-node-app/params/global_eu-west-1.json b/samples/sample-fargate-node-app/params/global_eu-west-1.json new file mode 100644 index 000000000..b2f0829cf --- /dev/null +++ b/samples/sample-fargate-node-app/params/global_eu-west-1.json @@ -0,0 +1,5 @@ +{ + "Parameters": { + "Image": "" + } +} diff --git a/samples/sample-iam/README.md b/samples/sample-iam/README.md index 2e996879c..569fa54ab 100644 --- a/samples/sample-iam/README.md +++ b/samples/sample-iam/README.md @@ -3,6 +3,15 @@ This pipeline is expecting *(in the example case)* a AWS CodeCommit repository on the account `111111111111` in your main deployment region named *sample-iam*. +This sample is configured to deploy to the `eu-west-1` region. +If you would like to deploy it to another region, please update the +parameters in the `params/global.yml` file. Replacing the `eu-west-1` part +with the region you like to deploy to. + +As all resources in this stack are globally accessible, this sample should only +be deployed to a single region per account. It is recommended to leave it +configured to the default deployment region of your ADF installation. + ## Deployment Map example ```yaml diff --git a/samples/sample-iam/params/global.yml b/samples/sample-iam/params/global.yml index d162de483..6ca3fa335 100644 --- a/samples/sample-iam/params/global.yml +++ b/samples/sample-iam/params/global.yml @@ -1,6 +1,10 @@ # Copyright Amazon.com Inc. or its affiliates. # SPDX-License-Identifier: Apache-2.0 +Parameters: + DeploymentAssetS3BucketName: "resolve:/adf/cross_region/s3_regional_bucket/eu-west-1" + DeploymentAssetKMSKeyArn: "resolve:/adf/cross_region/kms_arn/eu-west-1" + Tags: TagKey: "my_tag" MyKey: "new_value" diff --git a/samples/sample-iam/template.yml b/samples/sample-iam/template.yml index aa4ea8a94..b31e63aaf 100644 --- a/samples/sample-iam/template.yml +++ b/samples/sample-iam/template.yml @@ -6,6 +6,15 @@ Description: ADF CloudFormation Sample Template (IAM) Metadata: License: Apache-2.0 +Parameters: + DeploymentAssetS3BucketName: + Type: "String" + Description: "The S3 Bucket name where deployment assets will be located" + + DeploymentAssetKMSKeyArn: + Type: "String" + Description: "The KMS Key Arn with which deployment assets will encrypted" + Resources: DevelopersIAMGroup: Type: AWS::IAM::Group @@ -38,7 +47,7 @@ Resources: Action: - "sts:AssumeRole" ManagedPolicyArns: - - !Ref "DefaultInstanceManagedPolicy" + - !Ref DefaultInstanceManagedPolicy RoleName: "global-instance-role" DefaultInstanceManagedPolicy: @@ -61,11 +70,20 @@ Resources: - "elasticloadbalancing:DescribeTargetGroups" - "elasticloadbalancing:DescribeTargetHealth" - "elasticloadbalancing:RegisterTargets" + Resource: + - "*" + - Effect: "Allow" + Action: - "kms:Decrypt" + Resource: + - !Ref DeploymentAssetKMSKeyArn + - Effect: "Allow" + Action: - "s3:GetObject" - "s3:GetObjectVersion" Resource: - - "*" + - !Sub "arn:${AWS::Partition}:s3:::${DeploymentAssetS3BucketName}/adf-upload/*" + - !Sub "arn:${AWS::Partition}:s3:::${DeploymentAssetS3BucketName}/adf-pipeline-*" CodeDeployServiceRole: Type: "AWS::IAM::Role" diff --git a/samples/sample-serverless-app/buildspec.yml b/samples/sample-serverless-app/buildspec.yml index 5d80bc131..48c5253ef 100644 --- a/samples/sample-serverless-app/buildspec.yml +++ b/samples/sample-serverless-app/buildspec.yml @@ -15,6 +15,6 @@ phases: artifacts: files: - - 'template.yml' + - 'template*.yml' - 'params/*.json' - 'params/*.yml' diff --git a/samples/sample-service-catalog-product/params/global.yml b/samples/sample-service-catalog-product/params/global.yml index 3eea1324a..86f21ea29 100644 --- a/samples/sample-service-catalog-product/params/global.yml +++ b/samples/sample-service-catalog-product/params/global.yml @@ -2,4 +2,4 @@ # SPDX-License-Identifier: Apache-2.0 Parameters: - ProductXTemplateURL: "upload:eu-central-1:productX/template.yml" + ProductXTemplateURL: "upload:path:productX/template.yml" diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/resolver_upload.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/resolver_upload.py index 65eebee51..114c57754 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/resolver_upload.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/resolver_upload.py @@ -58,7 +58,7 @@ def resolve(self, lookup_str: str, random_filename: str) -> str: for item in S3.supported_path_styles() ): raise ValueError( - 'When uploading to S3 you need to specify a path style' + 'When uploading to S3 you need to specify a path style ' 'to use for the returned value to be used. ' f'Supported path styles include: {S3.supported_path_styles()}' ) from None