s3-bucket-aws-cloudformation/template.yaml at master · data-derp/s3-bucket-aws-cloudformation · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Description: Creates a private, encrypted, non-versioned bucket called s3://${ProjectName}-${ModuleName}

Parameters:
  ProjectName:
    Type: String
    Description: Name of the project these resources belongs to
    Default: data-derp
  ModuleName:
    Type: String
    Description: Name of the module these resources belongs to
    Default: base

Resources:
  Bucket:
    Type: AWS::S3::Bucket
    Properties:
      AccessControl: "Private"
#      BucketEncryption:
#        ServerSideEncryptionConfiguration:
#          - ServerSideEncryptionByDefault:
#              SSEAlgorithm: "aws:kms"
      BucketName: !Sub "${ProjectName}-${ModuleName}"
      Tags:
        - Key: Project
          Value: !Ref ProjectName
        - Key: Module
          Value: !Ref ModuleName
      PublicAccessBlockConfiguration:
        BlockPublicPolicy: true
        BlockPublicAcls: true
        IgnorePublicAcls: true
        RestrictPublicBuckets: true