AWS::CloudFormation::Authentication
Use the AWS::CloudFormation::Authentication type to specify authentication credentials for files or sources that you specify with the AWS::CloudFormation::Init type.{
"Type" : "AWS::CloudFormation::Authentication" {
"String" : {
"accessKeyId" : String,
"buckets" : [ String, ... ],
"password" : String,
"secretKey" : String,
"type" : String,
"uris" : [ String, ... ],
"username" : String,
"roleName" : String
},
...
}
}
...
"files" : {
"/etc/chef/chef-validator.pem" : {
"source" : "https://s3.amazonaws.com/chefServer/web-validator.pem",
"authentication" : "S3AccessCreds"
},
To download file from S3, you need authentication.
- Using "AWS::IAM::AccessKey"
....
"HostKeys" : {
"Type" : "AWS::IAM::AccessKey",
"Properties" : {
"UserName" : { "Ref": "User" }
}
},
-----
"AWS::CloudFormation::Authentication" : {
"S3AccessCreds" : {
"type" : "S3",
"accessKeyId" : { "Ref" : "HostKeys" },
"secretKey" : {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]},
"buckets" : [ "myBucket" ]
}
}
To get accesskey and secretyKey provided by "AWS::IAM::AccessKey" Or rolename
2. Using rolename
"AWS::CloudFormation::Authentication": {"default" : {
"type": "s3",
"buckets": [ "myBucket" ],
"roleName": { "Ref": "myRole" }
}
}
Reference:
- http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-authentication.html#cfn-cloudformation-authentication-rolename
- http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-authentication.html
Nice blog, thanks for providing useful information keep update with more information. Get touch with AWS Online Course Bangalore
ReplyDelete