I am using AWS Amplify in a React Native App. I set up my userpool with a domain via the console (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-assign-domain-prefix.html), but have to manually remove and re-install it every time I make a chance to the backend\auth\poolname-cloudformation-template.yml.
Is there a CloudFormation setting that would allow me to set it up through there?
Thanks!
This has been added to CloudFormation:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooldomain.html
Unfortunately, there is no Cloud Formation setting that allows to create an Amazon Cognito Domain. One work around for this is to create a Custom Cloud Formation resource backed by a Lambda and then creating the domain in Lambda through Boto 3.
Related
Does it use AWS CloudFormation, the AWS CLI, or does it do something else like directly make AWS API calls without going through the CLI?
No, it not using the AWS CLI or cloud formation.
AWS terraform use the AWS SDK and here you can see the complete list of dependency for the AWS Terraform provider.
It also uses aws-sdk-go https://github.com/aws/aws-sdk-go
https://github.com/hashicorp/terraform-provider-aws
Is there a way to configure the Session Manager via CDK?
I want to change settings like enabling KMS encryption and max session duration as well as writing session data to a S3 bucket. The online documentation from AWS (https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started-configure-preferences.html) only has manual steps via the console described. However, everything is set up via CDK in my case and I also want to have those things configured via CDK, so in case the S3 bucket which is created via CDK is deleted/renewed I don't have to do any manual steps to configure SSM again.
You cant do that. Those settings are set per account globally. CDK/Cloudformation is resource provisioning tool.
Session Manager preferences are regional and since they be changed via command line, they can also be changed via a CDK custom resource.
Just create a lambda that runs the
aws ssm update-document --name "SSM-SessionManagerRunShell"
with a json config as explained here:
https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-configure-preferences-cli.html
If you pass the name of your S3 bucket as a parameter of your custom resource it will trigger an on_event update every time your bucket changes.
I built a serverless app on an AWS account (S3, API Gateway, Lambda, DynamoDB, IAM). I need to deploy this on another AWS account that is part of the same AWS organization. Is there a CLI/CloudFormer solution where I can select existing AWS resources and replicate them on different AWS account.
You can use CloudFormation stacks sets: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-concepts.html But the resources need to be maintained by CloudFormation also in first account.
I am building cloud formation template to create API gateway with custom domain name. But I can't find documentation for custom domain names in cloudformation. Is cloud formation support custom domain if yes, could anyone please let me know how to create custom domain name resource using cloudformation
It is now supported to do a custom domain via cloud formation!
See here:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html
The problem is it will deploy a cloudfront distribution which could take more than 20 minutes. Use this CFN resource to do it.
AWS::ApiGateway::DomainName
Unfortunately, we don't support the domain name resource yet. We are actively working on supporting this.
Until api gateway has released a domain name resource in cloudformation, you can either write a cloudformation custom resource in lambda or use a custom resource library like https://github.com/jed/cfn-api-gateway-custom-domain
I wanted to create an AWS Dashboard using cloudformation but did find a way.
Guess AWS has not yet added support for that.
As an alternative is it possible to create that using AWS CLI
AWS just announced support for this.
https://aws.amazon.com/blogs/aws/new-api-cloudformation-support-for-amazon-cloudwatch-dashboards/
CloudFormation documentation is also available: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cw-dashboard.html
If I'm correct your question is concerns Resource Groups. It is not possible at this time to create Resource Group in Cloud Formation Templates or via the awscli.
Resource Groups are tied to a User, not an account - so it's not possible to define them at an account level and allow Users to access them.
It's possible for a User to 'Share' a Resource Group they've created by passing a URL to another User.