t.aws-cdk-maven-plugin.0.0.1.source-code.bootstrap-template-v0.yaml Maven / Gradle / Ivy
Description: |
The CDK Toolkit Stack. It was created by `cdk bootstrap` and manages resources necessary for managing your Cloud
Applications with AWS CDK.
Parameters:
FileAssetsBucketName:
Description: |
The name of the S3 bucket used for file assets. If not specified, the name will be generated by CloudFormation.
Default: ''
Type: String
FileAssetsBucketKmsKeyId:
Description: 'Custom KMS key ID to use for encrypting file assets'
Default: ''
Type: String
Conditions:
FileAssetsBucketNameDefined: !Not [!Equals [!Ref FileAssetsBucketName, '']]
FileAssetsBucketKmsKeyIdDefined: !Not [!Equals [!Ref FileAssetsBucketKmsKeyId, '']]
Resources:
StagingBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !If [FileAssetsBucketNameDefined, !Ref FileAssetsBucketName, !Ref 'AWS::NoValue' ]
AccessControl: Private
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: 'aws:kms'
KMSMasterKeyID: !If [FileAssetsBucketKmsKeyIdDefined, !Ref FileAssetsBucketKmsKeyId, !Ref 'AWS::NoValue' ]
PublicAccessBlockConfiguration:
BlockPublicAcls: true
BlockPublicPolicy: true
IgnorePublicAcls: true
RestrictPublicBuckets: true
StagingBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket:
Ref: StagingBucket
PolicyDocument:
Id: AccessControl
Version: '2012-10-17'
Statement:
- Sid: 'AllowSSLRequestsOnly'
Action: 's3:*'
Effect: 'Deny'
Resource:
- !Sub '${StagingBucket.Arn}'
- !Sub '${StagingBucket.Arn}/*'
Condition:
Bool:
aws:SecureTransport: 'false'
Principal: '*'
Outputs:
BucketName:
Description: 'The name of the S3 bucket owned by the CDK toolkit stack'
Value: !Ref StagingBucket
BucketDomainName:
Description: 'The domain name of the S3 bucket owned by the CDK toolkit stack'
Value: !GetAtt StagingBucket.RegionalDomainName
© 2015 - 2025 Weber Informatics LLC | Privacy Policy