GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → widdix → Aws Cf Jail

widdix / Aws Cf Jail

Licence: mit
AWS CloudFormation jail

Programming Languages

javascript
184084 projects - #8 most used programming language

AWS CloudFormation jail

Allow your users with ReadOnlyAccess to create CloudFormation stacks with ease. Why do you want to do such a thing?.

  1. clone this repository $ git clone [email protected]:widdix/aws-cf-jail.git

  2. switch into the newly created folder $ cd aws-cf-jail/

  3. create a CloudFormation stack to provision the Lambda functions $ aws cloudformation create-stack --stack-name aws-cf-jail --template-body file://template.json --capabilities CAPABILITY_IAM

  4. wait until the stack is CREATE_COMPLETE with $ aws cloudformation describe-stacks --stack-name aws-cf-jail --query Stacks[0].StackStatus

  5. list the ARNs of the Lambda functions with $ aws cloudformation describe-stacks --stack-name aws-cf-jail --query Stacks[0].Outputs

    [
  {
    "OutputKey": "LambdaCreateStack", 
    "OutputValue": "arn:aws:lambda:eu-west-1:XXX:function:aws-cf-jail-LambdaCreateStack-YY1"
  }, 
  {
    "OutputKey": "LambdaDeleteStack", 
    "OutputValue": "arn:aws:lambda:eu-west-1:XXX:function:aws-cf-jail-LambdaDeleteStack-YY2"
  }, 
  {
    "OutputKey": "LambdaUpdateStack", 
    "OutputValue": "arn:aws:lambda:eu-west-1:XXX:function:aws-cf-jail-LambdaUpdateStack-YY3"
  }
]

  6. allow your users with ReadOnlyAccess to invoke the lambda functions by adding an inline policy to the IAM role. Replace the three Resources with the ARNs provided by the 5. step.

    {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "1",
      "Effect": "Allow",
      "Action": "lambda:InvokeFunction",
      "Resource": [
        "arn:aws:lambda:eu-west-1:XXX:function:aws-cf-jail-LambdaCreateStack-YY1",
        "arn:aws:lambda:eu-west-1:XXX:function:aws-cf-jail-LambdaCreateStack-YY2",
        "arn:aws:lambda:eu-west-1:XXX:function:aws-cf-jail-LambdaCreateStack-YY3"
      ]
    }
  ]
}


7. That´s it.
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].