Upload a File in Cloudformation Template Parameters

Configuring your AWS Source with CloudFormation

You tin utilise AWS CloudFormation to leverage AWS products without creating or configuring any AWS infrastructure. With AWS CloudFormation, you declare all of your resources and dependencies in a template file. The template defines a drove of resources as a single unit called a stack. AWS CloudFormation creates and deletes all member resource of the stack together and manages all dependencies between the resource for you.

For more than data nigh AWS CloudFormation, see the AWS CloudFormation Product Page.

Set upwards an SNS Subscription Endpoint

You tin can use either the AWS Command Line Interface (CLI) or create a stack on the AWS CloudFormation console to fix the SNS subscription.

  1. Both methods require a YAML file with the template. You can create a file with the provided YAML template or download the template from the Sumo interface. When creating the Source clickCreate URL and a Generate event-based polling template button becomes available.
    generate cloudformation template event subscription.png
Create a Stack on the AWS CloudFormation console
  1. Visit Services > Cloudformation > Create Stack > Upload a template to Amazon S3 and upload the file with the CloudFormation template and click Side by side. Meet Selecting a Stack Template for details.
    upload template when creating cloudformation stack.png

  2. Specify Details. Provide an advisable Stack Name, the S3 saucepan-name and endpoint URL yous obtained when creating the Source in Sumo and click Next. See Specifying Stack Proper noun and Parameters for details.

    specify details.png
  3. Options can remain the default, click Next again. Review for mistakes and so click Create.

  4. Get toServices > S3 and select the bucket to which you want to attach the notifications. Navigate to Properties > Events > Add Notification. Enter a Proper name for the effect notification. In the Events  section select, All object create events . In the Transport to section (notification destination) select SNS Topic. An SNS section becomes available, select the proper noun of the topic that AWS created in step 5 from the dropdown. The name format is SumoSNSTopic-<AWS::StackName>. Click Save.

Apply AWS Command Line Interface (CLI)
  1. Execute the post-obit AWS CLI command to create a stack, run into AWS Control Line Reference for create-stack for details.
    Replace the ParameterValue placeholders for each parameter, bucketName and sumoLogicSourceUrl:

$ aws cloudformation create-stack --stack-proper name sumo-sns --template-trunk file://./sumo-sns-cf.txt --parameter ParameterKey="bucketName",ParameterValue="bucketName" ParameterKey="sumoLogicSourceUrl",ParameterValue="sumoLogicSourceUrl"

  1. The topic is created by AWS and named based on the post-obit format:

SumoSNSTopic-<AWS::StackName>

YAML Template to Create Topic and SNS Subscription

AWSTemplateFormatVersion: "2010-09-09"
Description: "A template to create a topic and a subscription with the endpoint of the Sumo Logic source"
Parameters:
bucketName:
Description: "The proper name of the saucepan on which you lot want to configure your notification eg. myBucket"
Type: Cord
sumoLogicSourceUrl:
Description: "The endpoint URL that you obtained from the S3 source created with Sumo Logic eg. https://sumo-endpoint-events.sumolog...r/v1/event/xyz"
Type: String
Resources:
sumoSNSTopic:
Properties:
TopicName: !Sub "SumoSNSTopic-${AWS::StackName}"
Type: "AWS::SNS::Topic"

 sumoSNSSubcscription:
Properties:
TopicArn:
Ref: sumoSNSTopic
Endpoint:
Ref: sumoLogicSourceUrl
Protocol: https
DeliveryPolicy:
healthyRetryPolicy:
numRetries: forty
minDelayTarget: 10
maxDelayTarget: 300
numMinDelayRetries: 3
numMaxDelayRetries: five
numNoDelayRetries: 0
backoffFunction: exponential
Type: "AWS::SNS::Subscription"

 sumoSNSpolicy:
Properties:
PolicyDocument:
Id: SumoTopicPolicy
Argument:
-
Action: "sns:Publish"
Condition:
StringEquals:
aws:SourceAccount: !Ref "AWS::AccountId"
ArnLike:
aws:SourceArn: !Join ['', ['arn:aws:s3:*:*:', Ref: bucketName]]
Upshot: Let
Primary:
AWS: "*"
Resource:
Ref: sumoSNSTopic
Topics:
-
Ref: sumoSNSTopic
Blazon: "AWS::SNS::TopicPolicy"

Fix an IAM Role

You can grant Sumo Logic access to your AWS Product with an IAM Function using CloudFormation. You tin apply the AWS Command Line Interface (CLI) or create a stack on the AWS CloudFormation panel.

  1. Both methods crave a YAML file with the CloudFormation template. You can create a file with the provided YAML template or download a generated template from the Sumo interface when creating your Source by clicking the Generate office-based admission template  button. The button will only get available afterwards yous input the saucepan name.

iam role generate cloudformation template in UI.png

Apply AWS Command Line Interface (CLI)
  1. Execute the post-obit AWS CLI command to create a stack, see AWS Command Line Reference for create-stack for details.

$ aws cloudformation create-stack --stack-name sumo-office --template-body file://./part-s3bucket --capabilities CAPABILITY_IAM

  1. The role will be created past AWS and named based on the following format:

<stack_name>-SumoRole-<random_characters>

  1. Copy the Function ARN back to Sumo.
Create a Stack on the AWS CloudFormation console
  1. Visit Services > Cloudformation > Create Stack > Upload a template to Amazon S3 and upload the file with the CloudFormation template and click Next. Come across Selecting a Stack Template for details.
    upload template when creating cloudformation stack.png

  1. Specify Details. Provide an appropriate Stack Proper noun. And then click Side by side. See Specifying Stack Proper noun and Parameters for details.

    specify details no params.png
  2. Options can remain default, click Next over again. Review and cheque the box, "I acknowledge that AWS CloudFormation might create IAM resources." and and then click Create.

  3. The role will exist created by AWS and named based on the post-obit format:

    <stack_name>-SumoRole-<random_characters>

  4. Copy the Office ARN back to Sumo.

YAML Template to prepare an IAM Role

AWSTemplateFormatVersion: '2010-09-09'
Description: A CloudFormation template that creates a function for authenticating with
Sumo'southward AWS integrations.
Parameters:
ExternalID:
Type: Cord
Clarification: An ID used in the trust policy to designate who can assume the part, formatted every bit deployment:accountId. Eg. us1:0000000000000131
Actions:
Type: CommaDelimitedList
Clarification: Comma separated listing of permissive AWS deportment granted to the role. Eg. s3:GetObject,s3:GetObjectVersion,s3:ListBucketVersions,s3:ListBucket
Resources:
Type: CommaDelimitedList
Description: Comma separated ARNs of the AWS resources that the function volition take admission to. Eg. arn:aws:s3:::mybucket
Resource:
SumoRole:
Type: AWS::IAM::Function
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Argument:
- Effect: Let
Master:
AWS: arn:aws:iam::926226587429:root
Activity: sts:AssumeRole
Condition:
StringEquals:
sts:ExternalId:
Ref: ExternalID
Path: "/"
Policies:
- PolicyName: SumoPolicy
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Activeness:
Ref: Actions
Resource:
Ref: Resources

sidawaybrome1972.blogspot.com

Source: https://help.sumologic.com/03Send-Data/Sources/02Sources-for-Hosted-Collectors/Amazon-Web-Services/Configuring-your-AWS-Source-with-CloudFormation

0 Response to "Upload a File in Cloudformation Template Parameters"

Post a Comment

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel