使用Cloudformation在S3存储桶中创建文件夹 [英] create folder inside S3 bucket using Cloudformation

问题描述

我能够使用cloudformation创建一个S3存储桶，但是想在S3存储桶中创建一个文件夹。.

I'm able to create an S3 bucket using cloudformation but would like to create a folder inside an S3 bucket..like

<mybucket>--><myfolder>

请让我知道用于在存储桶中创建文件夹的模板...都应该同时创建...

Please let me know the template to be used to create a folder inside a bucket ...both should be created at the sametime...

我正在使用如下所示的AWS lambda

I'm Using AWS lambda as below

stackname = 'myStack'
client = boto3.client('cloudformation')
response = client.create_stack(
    StackName= (stackname),
    TemplateURL= 'https://s3.amazonaws.com/<myS3bucket>/<myfolder>/nestedstack.json',
    Parameters=<params>
)

推荐答案

AWS没有提供官方的CloudFormation资源来在S3存储桶中创建对象。但是，您可以创建由Lambda支持的自定义资源使用AWS开发工具包，实际上是 gilt / cloudformation-helpers GitHub存储库提供了一个现成的自定义资源来执行此操作。

AWS doesn't provide an official CloudFormation resource to create objects within an S3 bucket. However, you can create a Lambda-backed Custom Resource to perform this function using the AWS SDK, and in fact the gilt/cloudformation-helpers GitHub repository provides an off-the-shelf custom resource that does just this.

与任何自定义资源设置一样，它有点冗长，因为您需要首先部署Lambda函数和IAM权限，然后在堆栈模板中将其引用为自定义资源。

As with any Custom Resource setup is a bit verbose, since you need to first deploy the Lambda function and IAM permissions, then reference it as a custom resource in your stack template.

首先，添加 Lambda :: Function 和关联的 IAM :: Role 资源到堆栈模板：

First, add the Lambda::Function and associated IAM::Role resources to your stack template:

"S3PutObjectFunctionRole": {
  "Type": "AWS::IAM::Role",
  "Properties": {
    "AssumeRolePolicyDocument": {
      "Version" : "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Principal": {
            "Service": [ "lambda.amazonaws.com" ]
          },
          "Action": [ "sts:AssumeRole" ]
        }
      ]
    },
    "ManagedPolicyArns": [
      { "Ref": "RoleBasePolicy" }
    ],
    "Policies": [
      {
        "PolicyName": "S3Writer",
        "PolicyDocument": {
          "Version" : "2012-10-17",
          "Statement": [
            {
              "Effect": "Allow",
              "Action": [
                "s3:DeleteObject",
                "s3:ListBucket",
                "s3:PutObject"
              ],
              "Resource": "*"
            }
          ]
        }
      }
    ]
  }
},
"S3PutObjectFunction": {
  "Type": "AWS::Lambda::Function",
  "Properties": {
    "Code": {
      "S3Bucket": "com.gilt.public.backoffice",
      "S3Key": "lambda_functions/cloudformation-helpers.zip"
    },
    "Description": "Used to put objects into S3.",
    "Handler": "aws/s3.putObject",
    "Role": {"Fn::GetAtt" : [ "S3PutObjectFunctionRole", "Arn" ] },
    "Runtime": "nodejs",
    "Timeout": 30
  },
  "DependsOn": [
    "S3PutObjectFunctionRole"
  ]
},

然后，您可以将Lambda函数用作自定义资源来创建S3对象：

Then you can use the Lambda function as a Custom Resource to create your S3 object:

"MyFolder": {
  "Type": "Custom::S3PutObject",
  "Properties": {
    "ServiceToken": { "Fn::GetAtt" : ["S3PutObjectFunction", "Arn"] },
    "Bucket": "mybucket",
    "Key": "myfolder/"
  }
},

您还可以使用相同的自定义资源通过以下方式编写基于字符串的S3对象：除了 Bucket 和 Key 之外，还添加一个 Body 参数（参见文档）。

You can also use the same Custom Resource to write a string-based S3 object by adding a Body parameter in addition to Bucket and Key (see the docs).

这篇关于使用Cloudformation在S3存储桶中创建文件夹的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！