-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathstackset-build-template.yaml
112 lines (105 loc) · 3.44 KB
/
stackset-build-template.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
Metadata:
GhaStack:
localTemplateFile: &gha_template_body ./stacksets/gha-build/stackset.yaml
SamStack:
localTemplateFile: &sam_template_body ./stacksets/gha-build/sam-deployment.yaml
CfnCrStack:
localTemplateFile: &cfn_cr_template_body ./stacksets/cfn-custom-resource-build/stackset.yaml
AWSTemplateFormatVersion: '2010-09-09'
Transform:
- 'AWS::Serverless-2016-10-31'
Description: GitHib Actions integration stacks
Parameters:
CiCdOuIds:
Type: CommaDelimitedList
Description: Comma separated list of OUs
TargetRegions:
Type: CommaDelimitedList
Description: Comma separated list of regions
AwsOrganizationId:
Type: String
Description: AWS Organization ID
CustomResourceTopicName:
Type: String
Description: Custom resource ARN
Resources:
OrgCiCdSamArtifacts:
Type: AWS::CloudFormation::StackSet
Properties:
StackSetName: CiCdSamArtifacts
Description: AWS SAM Deployment
Parameters:
- ParameterKey: AwsOrganizationId
ParameterValue: !Ref AwsOrganizationId
- ParameterKey: BuildAccount
ParameterValue: 'true'
StackInstancesGroup:
- DeploymentTargets:
OrganizationalUnitIds: !Ref CiCdOuIds
Regions: !Ref TargetRegions
AutoDeployment:
Enabled: true
RetainStacksOnAccountRemoval: false
ManagedExecution:
Active: true
OperationPreferences:
RegionConcurrencyType: PARALLEL
FailureToleranceCount: 1
MaxConcurrentCount: 5
PermissionModel: SERVICE_MANAGED
TemplateBody: *sam_template_body
OrgCiCdGhaBuild:
Type: AWS::CloudFormation::StackSet
DependsOn: OrgCiCdSamArtifacts
Properties:
StackSetName: CiCdGhaBuild
Description: GHA CI/CD Deployment Build
Parameters:
- ParameterKey: DeployBucketArn
ParameterValue: '/org/cicd/SamDeployBucketArn'
- ParameterKey: AwsOrganizationId
ParameterValue: !Ref AwsOrganizationId
StackInstancesGroup:
- DeploymentTargets:
OrganizationalUnitIds: !Ref CiCdOuIds
Regions: !Ref TargetRegions
Capabilities:
- CAPABILITY_NAMED_IAM
AutoDeployment:
Enabled: true
RetainStacksOnAccountRemoval: false
ManagedExecution:
Active: true
OperationPreferences:
RegionConcurrencyType: PARALLEL
FailureToleranceCount: 1
MaxConcurrentCount: 5
PermissionModel: SERVICE_MANAGED
TemplateBody: *gha_template_body
DeployAccountCfnCustomResourcesSupport:
Type: AWS::CloudFormation::StackSet
Properties:
StackSetName: OrgBuildAccountCfnCustomResources
Description: Provides shared AWS CFN Custom Resources
Parameters:
- ParameterKey: AwsOrganizationId
ParameterValue: !Ref AwsOrganizationId
- ParameterKey: CustomResourceTopicName
ParameterValue: !Ref CustomResourceTopicName
StackInstancesGroup:
- DeploymentTargets:
OrganizationalUnitIds: !Ref CiCdOuIds
Regions: !Ref TargetRegions
AutoDeployment:
Enabled: true
RetainStacksOnAccountRemoval: false
ManagedExecution:
Active: true
OperationPreferences:
RegionConcurrencyType: PARALLEL
FailureToleranceCount: 1
MaxConcurrentCount: 5
Capabilities:
- CAPABILITY_NAMED_IAM
PermissionModel: SERVICE_MANAGED
TemplateBody: *cfn_cr_template_body