diff options
Diffstat (limited to 'cloudformation/travis-resources.template')
-rw-r--r-- | cloudformation/travis-resources.template | 225 |
1 files changed, 225 insertions, 0 deletions
diff --git a/cloudformation/travis-resources.template b/cloudformation/travis-resources.template new file mode 100644 index 0000000000..9351501052 --- /dev/null +++ b/cloudformation/travis-resources.template @@ -0,0 +1,225 @@ + +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Description": "mapbox-gl-native travis resources", + "Resources": { + "BuildUser": { + "Type": "AWS::IAM::User", + "Properties": { + "Policies": [ + { + "PolicyName": "list-testing-old", + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:ListBucket" + ], + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::mapbox-gl-testing" + ] + } + ] + } + }, + { + "PolicyName": "build-testing-old", + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:DeleteObject", + "s3:GetObject", + "s3:GetObjectAcl", + "s3:PutObject", + "s3:PutObjectAcl" + ], + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::mapbox-gl-testing/*" + ] + } + ] + } + }, + { + "PolicyName": "list-testing", + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:ListBucket" + ], + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::mapbox" + ], + "Condition": { + "StringLike": { + "s3:prefix": "mapbox-gl-native/*" + } + } + } + ] + } + }, + { + "PolicyName": "build-testing", + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:DeleteObject", + "s3:GetObject", + "s3:GetObjectAcl", + "s3:PutObject", + "s3:PutObjectAcl" + ], + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::mapbox/mapbox-gl-native/*" + ] + } + ] + } + }, + { + "PolicyName": "android", + "PolicyDocument": { + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "ec2:DescribeInstances", + "ec2:RunInstances", + "ec2:CreateTags", + "ec2:GetConsoleOutput" + ], + "Resource": [ + "*" + ] + }, + { + "Effect": "Allow", + "Action": "iam:PassRole", + "Resource": { + "Fn::GetAtt": [ + "AndroidRole", + "Arn" + ] + } + } + ] + } + } + ] + } + }, + "BuildUserKey": { + "Type": "AWS::IAM::AccessKey", + "Properties": { + "UserName": { + "Ref": "BuildUser" + } + } + }, + "AndroidRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": [ + "ec2.amazonaws.com" + ] + }, + "Action": [ + "sts:AssumeRole" + ] + } + ] + }, + "Policies": [ + { + "PolicyName": "android-testing", + "PolicyDocument": { + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "s3:PutObject" + ], + "Resource": [ + "arn:aws:s3:::mapbox-gl-testing/android/*" + ] + } + ] + } + }, + { + "PolicyName": "android", + "PolicyDocument": { + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "s3:PutObject" + ], + "Resource": [ + "arn:aws:s3:::mapbox/mapbox-gl-native/android/build/*" + ] + } + ] + } + } + ], + "Path": "/android-gl-build/travis/role/" + } + }, + "AndroidInstanceProfile": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "Roles": [ + { + "Ref": "AndroidRole" + } + ], + "Path": "/android-gl-build/travis/instance-profile/" + } + } + }, + "Outputs": { + "AccessKeyId": { + "Value": { + "Ref": "BuildUserKey" + } + }, + "SecretAccessKey": { + "Value": { + "Fn::GetAtt": [ + "BuildUserKey", + "SecretAccessKey" + ] + } + }, + "AndroidInstanceProfile": { + "Value": { + "Fn::GetAtt": [ + "AndroidInstanceProfile", + "Arn" + ] + } + }, + "AndroidRole": { + "Value": { + "Fn::GetAtt": [ + "AndroidRole", + "Arn" + ] + } + } + } +} |