标签: aws-cloudformation

我有一个配置为使用 ThridParty GitHub 源提供程序的管道，如下所示：

...
Resources:
  DevPipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      Name: my-pipeline
      RoleArn: !Ref 'PipelineRole'
      Stages:
        - Name: Source
          Actions:
            - Name: GitHub
              ActionTypeId:
                Category: Source
                Owner: ThirdParty
                Version: 1
                Provider: GitHub
              Configuration:
                Owner: !Ref GitHubOwner
                Repo: !Ref GitHubRepo
                Branch: !Ref GitHubBranch
                OAuthToken: !Ref GitHubToken
              OutputArtifacts:
                - Name: JavaSource
              RunOrder: 1
...

我希望能够git在以下构建步骤中对源代码运行操作。但是，此源操作不包括.git输出工件中的文件夹。

如何修改它以便我可以访问git存储库上的操作？

我现在非常困惑，并且正在努力使用 AWS。我创建了一个副驾驶应用程序，创建了服务，后来想删除它。我似乎手动删除了一些东西，现在我留下了一个无法操作的堆栈集，我无法删除它。由于堆栈必须为空，但堆栈实例无法操作，所以我无法对其执行任何操作

我有两个角色，执行和管理，这是执行角色

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "cloudformation:*",
                "s3:*",
                "sns:*"
            ],
            "Resource": "*",
            "Effect": "Allow",
            "Sid": "StackSetRequiredPermissions"
        },
        {
            "Action": [
                "kms:*"
            ],
            "Resource": "*",
            "Effect": "Allow",
            "Sid": "ManageKMSKeys"
        },
        {
            "Action": [
                "ecr:DescribeImageScanFindings",
                "ecr:GetLifecyclePolicyPreview",
                "ecr:CreateRepository",
                "ecr:GetDownloadUrlForLayer",
                "ecr:GetAuthorizationToken",
                "ecr:ListTagsForResource",
                "ecr:ListImages",
                "ecr:DeleteLifecyclePolicy",
                "ecr:DeleteRepository",
                "ecr:SetRepositoryPolicy",
                "ecr:BatchGetImage",
                "ecr:DescribeImages",
                "ecr:DescribeRepositories",
                "ecr:BatchCheckLayerAvailability",
                "ecr:GetRepositoryPolicy",
                "ecr:GetLifecyclePolicy",
                "ecr:TagResource"
            ],
            "Resource": "*",
            "Effect": "Allow",
            "Sid": "ManageECRRepos"
        }
    ]
}

这是管理员

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "cloudformation:*",
                "s3:*",
                "sns:*"
            ],
            "Resource": "*",
            "Effect": …

我使用无服务器文件 + CloudFormation 在 AWS Athena 服务上创建表。

我的无服务器.yml：

...
CardBulkWorkgroup:
  Type: AWS::Athena::WorkGroup
  Properties:
    Name: ${opt:stage}-${opt:client}-CardBulk
    WorkGroupConfiguration:
      ResultConfiguration:
        OutputLocation: s3://${lower:${opt:stage}}-${lower:${opt:client}}-card-bulk-athena-result

CardBulkDatabase:
  Type: AWS::Glue::Database
  Properties:
    CatalogId: !Ref AWS::AccountId
    DatabaseInput:
      Name: ${lower:${opt:stage}}_${lower:${opt:client}}_bulkcard

CardBulkTable:
  Type: AWS::Glue::Table
  Properties:
    CatalogId: !Ref AWS::AccountId
    DatabaseName: !Ref CardBulkDatabase
    TableInput:
      Name: card
      StorageDescriptor:
        Columns:
          - Name: cardId
            Type: int
          - Name: metadata
            Type: struct<orderId:string, convertVirtualToPhysicalErrors:string>
          - Name: orderId
            Type: string
          - Name: errors
            Type: string
        Location: s3://${lower:${opt:stage}}_${lower:${opt:client}}-files/cards
        InputFormat: org.apache.hadoop.mapred.TextInputFormat
        OutputFormat: org.apache.hadoop.hive.ql.io.IgnoreKeyTextOutputFormat
        SerdeInfo:
          SerializationLibrary: org.openx.data.jsonserde.JsonSerDe
          Parameters:
            "serialization.format": "1"

CardBulkAthenaBucketResult:
  Type: AWS::S3::Bucket …

这对后端来说是一件非常痛苦的事情，浪费了好几个小时，而且仍然无法弄清楚 AWS CloudFormation 的一行语法。

如果 AWS 的人员可以更好地编写他们的文档 - 只需多花一点时间 - 这对开发人员来说会更容易。

我正在尝试使用 CloudFormation 来部署具有 VPC Link 和 NLB 的 API Gateway。目标是将所有请求代理传递到 NLB：

  ApiProxyMethod: 
    Type: AWS::ApiGateway::Method
    Properties: 
      RestApiId: !Ref ApiGatewayRestApi
      ResourceId: !Ref ApiProxyResource
      # AuthorizationScopes: # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html#cfn-apigateway-method-authorizationscopes
      AuthorizationType: COGNITO_USER_POOLS
      AuthorizerId: !Ref ApiAuthorizer
      HttpMethod: ANY
      OperationName: "ProxyAllRequests"
      Integration: 
        ConnectionType: VPC_LINK
        ConnectionId: !Ref ApiGatewayVpcLink
        IntegrationHttpMethod: ANY
        PassthroughBehavior: String
        Type: "VPC_LINK" # Member must satisfy enum value set: [HTTP, AWS_PROXY, HTTP_PROXY, AWS] 
        Uri: "http://NLB-myapp-internal-beta-12345.elb.ap-northeast-1.amazonaws.com/{proxy}"

然而，这失败了，它抱怨错误的Type值：Member must satisfy enum value set: [HTTP, …

有谁知道任何 CloudFormation 可以通过 Terraform 在 QLDB 创建表（不是分类帐）？

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-qldb-ledger.html

使用云信息模板创建Amazon RDS Master并读取副本群集.