GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → davidmoten → aws-maven-plugin

davidmoten / aws-maven-plugin

Licence: Apache-2.0 license
Deploys resources to AWS using maven

Programming Languages

java
68154 projects - #9 most used programming language
shell
77523 projects

Labels

awslambdacloudformationaws-lambdaaws-s3s3-bucketmaven-pluginaws-cloudformationbeanstalkaws-beanstalk

Projects that are alternatives of or similar to aws-maven-plugin

Bucket-Flaws
Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (+72%)
Mutual labels:  aws-s3, s3-bucket
tug
Private Composer registry for private PHP packages on AWS Serverless
Stars: ✭ 33 (+32%)
Mutual labels:  aws-s3, aws-cloudformation
S3Scan
Script to spider a website and find publicly open S3 buckets
Stars: ✭ 21 (-16%)
Mutual labels:  aws-s3, s3-bucket
aws-cfn-custom-resource-lambda-edge
🏗 AWS CloudFormation custom resource that allows deploying Lambda@Edge from any region
Stars: ✭ 19 (-24%)
Mutual labels:  cloudformation, aws-cloudformation
BlobHelper
BlobHelper is a common, consistent storage interface for Microsoft Azure, Amazon S3, Komodo, Kvpbase, and local filesystem written in C#.
Stars: ✭ 23 (-8%)
Mutual labels:  aws-s3, s3-bucket
image-uploader
JavaScript Image Uploader Library for use with Amazon S3
Stars: ✭ 19 (-24%)
Mutual labels:  aws-s3, s3-bucket
wolkenkratzer
Javascript library for generating CloudFormation templates
Stars: ✭ 13 (-48%)
Mutual labels:  cloudformation, aws-cloudformation
Serverless Sharp
Serverless image optimizer for S3, Lambda, and Cloudfront
Stars: ✭ 102 (+308%)
Mutual labels:  lambda, s3-bucket
Hands-On-Serverless-Applications-with-Go
Hands-On Serverless Applications with Go, published by Packt.
Stars: ✭ 92 (+268%)
Mutual labels:  lambda, cloudformation
aws-cfn-ses-domain
AWS CloudFormation resources for Amazon SES domain and email identities
Stars: ✭ 45 (+80%)
Mutual labels:  cloudformation, aws-cloudformation
flask-drive
A simple Flask app to upload and download files off Amazon's S3
Stars: ✭ 23 (-8%)
Mutual labels:  aws-s3, s3-bucket
serverless-cloudformation-sub-variables
Serverless framework plugin for easily supporting AWS CloudFormation Sub intrinsic function variables
Stars: ✭ 25 (+0%)
Mutual labels:  cloudformation, aws-cloudformation
cloudwatch-dashboards-cloudformation-sample
A sample project to demonstrate using Cloudformation, how to create and configure CloudWatch metric filters, alarms and a dashboard to monitor an AWS Lambda function.
Stars: ✭ 61 (+144%)
Mutual labels:  cloudformation, aws-cloudformation
serverless-discord-bot
A serverless Discord Bot template built for AWS Lambda based on Discord's slash commands and the slash-create library.
Stars: ✭ 37 (+48%)
Mutual labels:  cloudformation, aws-cloudformation
cloudformation-resource-schema
The CloudFormation Resource Schema defines the shape and semantic for resources provisioned by CloudFormation. It is used by provider developers using the CloudFormation RPDK.
Stars: ✭ 77 (+208%)
Mutual labels:  cloudformation, aws-cloudformation
mlflow-tracking-server
MLFLow Tracking Server based on Docker and AWS S3
Stars: ✭ 59 (+136%)
Mutual labels:  aws-s3, s3-bucket
Awesome Aws
A curated list of awesome Amazon Web Services (AWS) libraries, open source repos, guides, blogs, and other resources. Featuring the Fiery Meter of AWSome.
Stars: ✭ 9,895 (+39480%)
Mutual labels:  lambda, cloudformation
Lambstatus
[Maintenance mode] Serverless Status Page System
Stars: ✭ 1,323 (+5192%)
Mutual labels:  lambda, cloudformation
go-localstack
Go Wrapper for using localstack
Stars: ✭ 56 (+124%)
Mutual labels:  lambda, cloudformation
aws-node-custom-user-pool
Serverless AWS Cognito Custom User Pool Example
Stars: ✭ 15 (-40%)
Mutual labels:  lambda, cloudformation
View All Similar Projects ➔

aws-maven-plugin


Maven Central

  • Deploy a zipped artifact (zip or war for instance) to an environment on AWS Elastic Beanstalk
  • Deploy a zipped artifact (zip or jar for instance) to a function on AWS Lambda
  • Deploy a directory to an S3 bucket giving all users read permissions (designed for public S3-hosted websites)
  • Create/Update a stack on CloudFormation
  • Deploy an API Gateway Rest API (CloudFormation does not deploy an api to a stage)
  • Remove instance security group rules pertaining to particular ports on a Beanstalk deployment (exists because of known inadequacies in cloudformation and default security group creation)
  • Supports java 7+
  • Supports proxy

Status: released to Maven Central

Maven reports

How to use

Authentication

You must provide credentials in order to make requests to AWS services. You can either specify the credentials in the plugin configuration or rely on the default credential provider chain, which attemps to find the credentials in different sources. The followin order is used to find the AWS credentials:

  1. If serverId is specified, the plugin checks the Maven server authentication profile. In that case your ~/.m2/settings.xml has to include AWS access keys. In the servers tag, add a child server tag with an id with the serverId you specified earlier in the plugin configuration. Use username and password to define your AWS access and AWS secret access keys respectively: 
    <server>
    <id>mycompany.aws</id>
    <username>AWS_ACCESS_KEY_HERE</username>
    <password>AWS_SECRET_ACCESS_KEY_HERE</password>
</server>
    Only the password field (secret access key) in the server element can be encrypted (as per mvn -ep).
  2. Plugin configuration – awsAccessKey and awsSecretAccessKey parameters.
  3. Default AWS credential provider chain:
    1. Environment variables – AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.
    2. Java system properties – aws.accessKeyId and aws.secretKey.
    3. The default credential profiles file, that is usually located at ~/.aws/credentials
    4. Amazon ECS container credentials.
    5. Instance profile credentials.
    6. Web Identity Token credentials from the environment or container.

Deploy to Beanstalk

Add this to the <plugins> section of your pom.xml:

<plugin>
    <groupId>com.github.davidmoten</groupId>
    <artifactId>aws-maven-plugin</artifactId>
    <version>[LATEST_VERSION]</version>
    <configuration>
        <!-- Optional authentication configuration. The default credential provider chain is used if the configuration is omitted -->
        <!-- if you have serverId then exclude awsAccessKey and awsSecretAccessKey parameters -->
        <serverId>aws</serverId>
        <!-- if you omit serverId then put explicit keys here as below -->
        <awsAccessKey>${env.YOUR_AWS_ACCESS_KEY}</awsAccessKey>
        <awsSecretAccessKey>${env.YOUR_AWS_SECRET_ACCESS_KEY}</awsSecretAccessKey>
        
        <!-- The default region provider chain is used if the region is omitted -->
        <region>ap-southeast-2</region>
        
        <artifact>${project.build.directory}/my-artifact.war</artifact>
        <applicationName>my-application-name</applicationName>
        <environmentName>my-environment-name</environmentName>
        <!-- optional versionLabel -->
        <versionLabel>my-artifact-${maven.build.timestamp}.war</versionLabel>
        <!-- optional proxy config -->
        <httpsProxyHost>proxy.me.com</httpsProxyHost>
        <httpsProxyPort>8080</httpsProxyPort>
        <httpsProxyUsername>user</httpsProxyUsername>
        <httpsProxyPassword>pass</httpsProxyPassword>
    </configuration>
</plugin>

Notes:

  • If you don't access AWS via an https proxy then leave those configuration settings out.
  • You can also specify a <versionLabel> in configuration if you want. If you don't it is automatically generated for you using the application name and a timestamp.

To deploy a war and get it running on Beanstalk:

export AWS_ACCESS_KEY=<your_key>
export AWS_SECRET_ACCESS_KEY=<your_secret>
mvn package aws:deploy

The user represented by the AWS access key must have put permission on S3 and full access permission on ElasticBeanstalk.

Deploy to Lambda

Add this to the <plugins> section of your pom.xml:

<plugin>
    <groupId>com.github.davidmoten</groupId>
    <artifactId>aws-maven-plugin</artifactId>
    <version>[LATEST_VERSION]</version>
    <configuration>
        <!-- Optional authentication configuration. The default credential provider chain is used if the configuration is omitted -->
        <!-- if you have serverId then exclude awsAccessKey and awsSecretAccessKey parameters -->
        <serverId>aws</serverId>
        <!-- if you omit serverId then put explicit keys here as below -->
        <awsAccessKey>${env.YOUR_AWS_ACCESS_KEY}</awsAccessKey>
        <awsSecretAccessKey>${env.YOUR_AWS_SECRET_ACCESS_KEY}</awsSecretAccessKey>
        
        <!-- The default region provider chain is used if the region is omitted -->
        <region>ap-southeast-2</region>
        
        <artifact>${project.build.directory}/my-artifact.war</artifact>
        <functionName>myFunction</functionName>
        <!-- optional functionAlias, if included an alias for the new lambda version is created -->
        <functionAlias>${project.version}-${maven.build.timestamp}</functionAlias>
        <!-- optional proxy config -->
        <httpsProxyHost>proxy.mycompany</httpsProxyHost>
        <httpsProxyPort>8080</httpsProxyPort>
        <httpsProxyUsername>user</httpsProxyUsername>
        <httpsProxyPassword>pass</httpsProxyPassword>
    </configuration>
</plugin>

Notes:

  • If you don't access AWS via an https proxy then leave those configuration settings out.
  • Adding AWSLambdaFullAccess managed policy to your user in IAM doesn't give you the ability to call UpdateFunctionCode. To fix this add an inline policy as below:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1464440182000",
            "Effect": "Allow",
            "Action": [
                "lambda:InvokeAsync",
                "lambda:InvokeFunction",
                "lambda:UpdateFunctionCode"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

To deploy a jar and get it running on Lambda:

export AWS_ACCESS_KEY=<your_key>
export AWS_SECRET_ACCESS_KEY=<your_secret>
mvn package aws:deployLambda

Deploy directory to S3

  • deploys a directory to a path in an S3 bucket
  • all uploaded files are given public read permissions (can configure this off)
  • designed for upload of public websites

Add this to the <plugins> section of your pom.xml:

<plugin>
    <groupId>com.github.davidmoten</groupId>
    <artifactId>aws-maven-plugin</artifactId>
    <version>[LATEST_VERSION]</version>
    <configuration>
        <!-- Optional authentication configuration. The default credential provider chain is used if the configuration is omitted -->
        <!-- if you have serverId then exclude awsAccessKey and awsSecretAccessKey parameters -->
        <serverId>aws</serverId>
        <!-- if you omit serverId then put explicit keys here as below -->
        <awsAccessKey>${env.YOUR_AWS_ACCESS_KEY}</awsAccessKey>
        <awsSecretAccessKey>${env.YOUR_AWS_SECRET_ACCESS_KEY}</awsSecretAccessKey>
        
        <!-- The default region provider chain is used if the region is omitted -->
        <region>ap-southeast-2</region>
        
        <inputDirectory>src/main/webapp</inputDirectory>

        <!-- if false uses bucket default ACL -->
        <!-- default is true -->
        <publicRead>false</publicRead>

        <bucketName>the_bucket</bucketName>
        <outputBasePath></outputBasePath>
        <!-- optional proxy config -->
        <httpsProxyHost>proxy.mycompany</httpsProxyHost>
        <httpsProxyPort>8080</httpsProxyPort>
        <httpsProxyUsername>user</httpsProxyUsername>
        <httpsProxyPassword>pass</httpsProxyPassword>
    </configuration>
</plugin>

Notes:

  • If you don't access AWS via an https proxy then leave those configuration settings out.
export AWS_ACCESS_KEY=<your_key>
export AWS_SECRET_ACCESS_KEY=<your_secret>
mvn package aws:deployS3

Create/Update CloudfFormation stack

To create or update a stack in CloudFormation (bulk create/modify resources in AWS using a declarative definition) specify the name of the stack, the template and its parameters to the plugin as below.

<plugin>
    <groupId>com.github.davidmoten</groupId>
    <artifactId>aws-maven-plugin</artifactId>
    <version>[LATEST_VERSION]</version>
    <configuration>
        <!-- Optional authentication configuration. The default credential provider chain is used if the configuration is omitted -->
        <!-- if you have serverId then exclude awsAccessKey and awsSecretAccessKey parameters -->
        <serverId>aws</serverId>
        <!-- if you omit serverId then put explicit keys here as below -->
        <awsAccessKey>${env.YOUR_AWS_ACCESS_KEY}</awsAccessKey>
        <awsSecretAccessKey>${env.YOUR_AWS_SECRET_ACCESS_KEY}</awsSecretAccessKey>
        
        <!-- The default region provider chain is used if the region is omitted -->
        <region>ap-southeast-2</region>
        
        <stackName>myStack</stackName>
        <template>src/main/aws/cloudformation.yaml</template>
        <!--
        or use already uploaded s3 artifact
        <templateUrl>https://bucketName.s3.amazonaws.com/filename.yml</templateUrl>
        -->
        <parameters>
            <mode>dev</mode>
            <version>6.01</version>
        </parameters>
        <intervalSeconds>2</intervalSeconds>
        <!-- optional proxy config -->
        <httpsProxyHost>proxy.mycompany</httpsProxyHost>
        <httpsProxyPort>8080</httpsProxyPort>
        <httpsProxyUsername>user</httpsProxyUsername>
        <httpsProxyPassword>pass</httpsProxyPassword>
    </configuration>
</plugin>

and call

mvn package aws:deployCf

Deploy an API Gateway API to a Stage

Use the deployRestApi goal:

<plugin>
    <groupId>com.github.davidmoten</groupId>
    <artifactId>aws-maven-plugin</artifactId>
    <version>[LATEST_VERSION]</version>
    <configuration>
        <!-- Optional authentication configuration. The default credential provider chain is used if the configuration is omitted -->
        <!-- if you have serverId then exclude awsAccessKey and awsSecretAccessKey parameters -->
        <serverId>aws</serverId>
        <!-- if you omit serverId then put explicit keys here as below -->
        <awsAccessKey>${env.YOUR_AWS_ACCESS_KEY}</awsAccessKey>
        <awsSecretAccessKey>${env.YOUR_AWS_SECRET_ACCESS_KEY}</awsSecretAccessKey>
        
        <!-- The default region provider chain is used if the region is omitted -->
        <region>ap-southeast-2</region>
        
        <restApiName>my-gateway</restApiName>
        <stage>dev</stage>
        <!-- optional proxy config -->
        <httpsProxyHost>proxy.mycompany</httpsProxyHost>
        <httpsProxyPort>8080</httpsProxyPort>
        <httpsProxyUsername>user</httpsProxyUsername>
        <httpsProxyPassword>pass</httpsProxyPassword>
    </configuration>
</plugin>

and call

mvn package aws:deployRestApi

Remove instance security group rules for particular ports on a Beanstalk deployment

Use the removePorts goal:

<plugin>
    <groupId>com.github.davidmoten</groupId>
    <artifactId>aws-maven-plugin</artifactId>
    <version>[LATEST_VERSION]</version>
    <configuration>
        <!-- Optional authentication configuration. The default credential provider chain is used if the configuration is omitted -->
        <!-- if you have serverId then exclude awsAccessKey and awsSecretAccessKey parameters -->
        <serverId>aws</serverId>
        <!-- if you omit serverId then put explicit keys here as below -->
        <awsAccessKey>YOUR_AWS_ACCESS_KEY</awsAccessKey>
        <awsSecretAccessKey>YOUR_AWS_SECRET_ACCESS_KEY</awsSecretAccessKey>
        
        <!-- The default region provider chain is used if the region is omitted -->
        <region>ap-southeast-2</region>

        <removePorts>
          <removePort>80</removePort>
        </removePorts>
                
        <!-- optional proxy config -->
        <httpsProxyHost>proxy.mycompany</httpsProxyHost>
        <httpsProxyPort>8080</httpsProxyPort>
        <httpsProxyUsername>user</httpsProxyUsername>
        <httpsProxyPassword>pass</httpsProxyPassword>
    </configuration>
</plugin>

and call

mvn package aws:removePorts

Output from a sample run:

[INFO] getting instance ids for environment blah-blah
[INFO] getting security group ids for instance ids [i-017071d415b837a6f]
[INFO] getting security group rules for security group ids [sg-081ae8c0d524d1a99]
[INFO] revoking security group rules {sg-081ae8c0d524d1a99=[sgr-0eb6bfef7cb762f86]}
[INFO] revoked=true for groupId=sg-081ae8c0d524d1a99, ruleIds=[sgr-0eb6bfef7cb762f86]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  3.357 s
[INFO] Finished at: 2022-06-22T15:59:59+10:00
[INFO] ------------------------------------------------------------------------

Nice and easy! (Let me know if you have any problems!)

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].