{"id":20790507,"url":"https://github.com/docker-production-aws/aws-cloudformation","last_synced_at":"2025-10-26T08:42:31.023Z","repository":{"id":176607451,"uuid":"83680104","full_name":"docker-production-aws/aws-cloudformation","owner":"docker-production-aws","description":"Ansible Role for deploying AWS CloudFormation Infrastructure","archived":false,"fork":false,"pushed_at":"2017-11-22T17:33:07.000Z","size":50,"stargazers_count":6,"open_issues_count":0,"forks_count":25,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-05-30T07:46:48.758Z","etag":null,"topics":["ansible","ansible-role","aws","aws-cloudformation","cloudformation","cloudformation-stacks","cloudformation-template","immutable-infrastructure","infrastructure-as-code","jinja2-templates","playbook","pluralsight"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/docker-production-aws.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-03-02T13:21:40.000Z","updated_at":"2022-05-01T23:48:12.000Z","dependencies_parsed_at":"2024-02-06T01:30:26.047Z","dependency_job_id":null,"html_url":"https://github.com/docker-production-aws/aws-cloudformation","commit_stats":null,"previous_names":["docker-production-aws/aws-cloudformation"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/docker-production-aws/aws-cloudformation","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker-production-aws%2Faws-cloudformation","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker-production-aws%2Faws-cloudformation/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker-production-aws%2Faws-cloudformation/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker-production-aws%2Faws-cloudformation/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/docker-production-aws","download_url":"https://codeload.github.com/docker-production-aws/aws-cloudformation/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker-production-aws%2Faws-cloudformation/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":281079593,"owners_count":26440321,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-26T02:00:06.575Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-role","aws","aws-cloudformation","cloudformation","cloudformation-stacks","cloudformation-template","immutable-infrastructure","infrastructure-as-code","jinja2-templates","playbook","pluralsight"],"created_at":"2024-11-17T15:35:29.328Z","updated_at":"2025-10-26T08:42:30.997Z","avatar_url":"https://github.com/docker-production-aws.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# AWS CloudFormation Role\n\nThis is an Ansible role for generating CloudFormation templates and deploying CloudFormation stacks to Amazon Web Services.\n\n## Requirements\n\n- Python 2.7\n- PIP package manager (**easy_install pip**)\n- Ansible 2.4 or greater (**pip install ansible**)\n- Boto3 (**pip install boto3**)\n- Netaddr (**pip install netaddr**)\n- AWS CLI (**pip install awscli**) installed and configured\n\n## Setup\n\nThe recommended approach to use this role is an Ansible Galaxy requirement to your Ansible playbook project.\n\nThe role should be placed in the folder **roles/aws-cloudformation**, and can then be referenced from your playbooks as a role called `aws-cloudformation`.\n\nYou should also specify a specific release that is compatible with your playbook.\n\n### Installation using Ansible Galaxy\n\nTo set this role up as an Ansible Galaxy requirement, first create a `requirements.yml` file in a `roles` subfolder of your playbook and add an entry for this role.  See the [Ansible Galaxy documentation](http://docs.ansible.com/ansible/galaxy.html#installing-multiple-roles-from-a-file) for more details.\n\n```\n# Example requirements.yml file\n- src: https://github.com/docker-in-production/aws-cloudformation.git\n  scm: git\n  version: v1.0\n  name: aws-cloudformation\n```\n\nOnce you have created `requirements.yml`, you can install the role using the `ansible-galaxy` command line tool.\n\n```\n$ ansible-galaxy install -r roles/requirements.yml -p ./roles/ --force\n```\n\nTo update the role version, simply update the `requirements.yml` file and re-install the role as demonstrated above.\n\n## Usage\n\nThis role is designed to be used with CloudFormation stacks and relies on a CloudFormation template file being provided by the consuming playbook.\n\nThe default convention is to create the template file at the path `templates/stack.yml.j2` in the playbook repository.  \n\n\u003e You can override the default template file by setting the `Stack.Template` variable.\n\nThe expected format of the CloudFormation template is a [Jinja2 template](http://jinja.pocoo.org/docs/dev/), although you can provide a literal template.  This allows you to perform Jinja2 template variable substitution and more advanced constructs to generate your CloudFormation templates. \n\nThe recommended approach is to describe your template in a YAML format, as this role will automatically convert to a minified JSON format.\n\n\u003e This role does not currently support AWS YAML syntax.  The role will convert your template and upload the template as minified JSON.\n\nThe following variables are used to configure this role:\n\n- `Stack.Name` (required) - defines the stack name\n- `Stack.Inputs` (optional) - a dictionary of stack inputs to provide to the stack.  This is required if your stack has any mandatory input parameters.\n- `Stack.Policy` (optional) - defines the stack policy in a YAML or JSON format.\n- `Stack.Bucket` (optional) - defines the S3 bucket where the CloudFormation template will be uploaded.  This defaults to `\u003caccount-id\u003e-cfn-templates` if not specified.\n- `Stack.Upload` (optional) - uploads the generated CloudFormation template to an S3 bucket defined by the `Stack.Bucket` variable.  Defaults to `false`.\n\nInvoking this role will generate a folder called `build` in the current working directory, along with a timestamped folder of the current date (e.g. `./build/20160705154440/`).  Inside this folder the following files are created:\n\n- `stack.yml` - the generated CloudFormation template in human readable YAML format.\n- `stack.json` - the generated CloudFormation template in compact JSON format.  This is the template that is uploaded to the AWS CloudFormation service when creating or updating a stack.\n- `policy.json` - the stack policy JSON file that is uploaded to the AWS CloudFormation service.\n\n### S3 Template Upload\n\nThe S3 template upload feature is disabled by default, but can be enabled if required by setting the variable `Stack.Upload` to `true`.\n\nThe `stack.json` template will be uploaded to an S3 bucket as defined by the variable `Stack.Bucket`.\n\n### Generating a Template Only\n\nYou can generate a template only by passing the tag `generate` to this role.  This will only create the templates as described above, but not attempt to create or update the stack in CloudFormation.\n\n`ansible-playbook site.yml -e env=dev --tags generate`\n\nNote the generated template will be uploaded to S3 as described earlier.\n\n### Temporarily Disabling Stack Policy\n\nYou can temporarily disable the stack policy for a provisioning run by setting the variable `Stack.DisablePolicy` to true:\n\n`ansible-playbook site.yml -e env=prod -e Stack.DisablePolicy=true`\n\nThis will set to the stack policy to the following policy before stack modification:\n\n```\n{\n    \"Statement\" : [\n      {\n        \"Effect\" : \"Allow\",\n        \"Action\" : \"Update:*\",\n        \"Principal\": \"*\",\n        \"Resource\" : \"*\"\n      }\n    ]\n  }\n```\n\nAnd then after stack modification is complete, reset the stack policy to it's previous state.  \n\n\u003e Note: This role will also reset the stack policy in the event of a stack modification failure\n\n### Role Facts\n\nThis role sets the following facts that you can use subsequently in your roles:\n\n- `cloudformation['\u003cstack-name\u003e']` - CloudFormation facts about the created stack.  This includes stack resources and stack outputs.\n- `Stack.Facts` - CloudFormation facts about the created stack.  This includes stack resources and stack outputs and is identical to the `cloudformation['\u003cstack-name\u003e']` fact.\n- `Stack.Url` - S3 URL of the CloudFormation template.\n\n## Examples\n\n### Invoking the Role\n\nThe following is an example of a playbook configured to use this role.  Note the use of the [AWS STS role](https://github.com/docker-production-aws/aws-sts.git) to obtain STS credentials is separate from this role.\n\n```\n---\n- name: STS Assume Role Playbook\n  hosts: \"{{ env }}\"\n  gather_facts: no\n  environment:\n  vars:\n    Sts:\n      Role: \"arn:aws:iam::123456789:role/admin\"\n      SessionName: testAssumeRole\n      Region: us-west-2\n  roles:\n  - aws_sts\n\n- name: Stack Deployment Playbook\n  hosts: \"{{ env }}\"\n  environment: \"{{ Sts.Credentials }}\"\n  roles:\n    - aws-cloudformation\n```\n\n## Release Notes\n\n### Version 1.0\n\n- First Release\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdocker-production-aws%2Faws-cloudformation","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdocker-production-aws%2Faws-cloudformation","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdocker-production-aws%2Faws-cloudformation/lists"}