lapkritinis
Reputation: 2814
AWS Cloudformation how from S3 bucket names CommaDelimitedList make list of ARN - semi for loop cycle
Here are parameters - S3 bucket names list:
Parameters:
S3BucketNames:
Description: Enter S3 Bucket Names
Type: CommaDelimitedList
Default: my-first-bucket,testing-bucket,codepipeline-bucket
Need to make policy IAM Policy for GetObject, PutObject operations, when arn has to be in the following format suitable for IAM policy:
arn:${Partition}:s3:::${BucketName}/${ObjectName}
In my example it should look like:
"arn:aws:s3:::my-first-bucket/*",
"arn:aws:s3:::testing-bucket/*",
"arn:aws:s3:::codepipeline-bucket/*"
Upvotes: 1
Views: 1254
Answers (1)
lapkritinis
Reputation: 2814
I had to think a bit how I can pull it off, obvious when you know it, but maybe will be helpfull for someone:
S3RolePolicy:
Type: AWS::IAM::Policy
Properties:
PolicyName: DemoPolicy
PolicyDocument:
Statement:
- Effect: Allow
Action:
- s3:PutObject
- s3:GetObject
Resource: !Split
- ","
- !Sub
- arn:aws:s3:::${S3Middle}/*
- S3Middle: !Join [ "/*,arn:aws:s3:::" , !Ref S3BucketNames ]
It's not a full CloudFormation template - just sample peace
Upvotes: 4
Related Questions
- How to loop through values in a CloudFormation template
- How to transform CommaDelimitedList parameter to build ARNs in CloudFormation
- How to create list of resource ARNS using a CommaDelimitedList parameter?
- CloudFormation Magic to Generate A List of ARNs from a List of Account Ids
- Using the Cloudformation Join function with a CommaDelimitedList Parameter to build IAM ARNs
- Generate a list of AWS products available in cloudformation
- How to get S3 bucket name from S3 ARN using cloudformation
- Loop list in Cloudformation
- Output a list in cloud formation
- Create Multiple S3 Buckets having same properties with cloudformation