AWSTemplateFormatVersion: "2010-09-09" Description: Manage GitHub Continuous Integration and Release processes Parameters: GitHubRepositoryName: Type: String Description: GitHub Repo Name For aws-cloudformation-resource-providers-fms GitHubRepositoryShortName: Type: String Description: Short Name for this provider to avoid exceeding the 64char limit on IAM Resources Resources: AWSCloudFormationResourceProviderCIPolicy: Type: AWS::IAM::ManagedPolicy Properties: ManagedPolicyName: !Sub "codebuild-${GitHubRepositoryName}-ci-policy" Path: /service-role/ PolicyDocument: Version: "2012-10-17" Statement: - Effect: Allow Action: - logs:CreateLogGroup - logs:CreateLogStream - logs:PutLogEvents Resource: - !Sub "arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/codebuild/${GitHubRepositoryName}-ci" - !Sub "arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/codebuild/${GitHubRepositoryName}-ci:*" AWSCloudFormationResourceProviderCIRole: Type: AWS::IAM::Role Properties: RoleName: !Sub "codebuild-${GitHubRepositoryShortName}-ci" AssumeRolePolicyDocument: Version: "2012-10-17" Statement: - Effect: Allow Principal: Service: codebuild.amazonaws.com Action: sts:AssumeRole Path: /service-role/ ManagedPolicyArns: - !Ref AWSCloudFormationResourceProviderCIPolicy AWSCloudFormationResourceProviderCIProject: Type: AWS::CodeBuild::Project Properties: Name: !Sub "${GitHubRepositoryName}-ci" Description: !Sub "https://github.com/aws-cloudformation/${GitHubRepositoryName}/" BadgeEnabled: true TimeoutInMinutes: 30 Artifacts: Type: NO_ARTIFACTS Environment: Type: LINUX_CONTAINER ComputeType: BUILD_GENERAL1_SMALL Image: aws/codebuild/standard:2.0 PrivilegedMode: false Source: Type: GITHUB Auth: Type: OAUTH InsecureSsl: false Location: !Sub "https://github.com/aws-cloudformation/${GitHubRepositoryName}.git" ReportBuildStatus: true GitCloneDepth: 1 BuildSpec: buildspec.yml ServiceRole: !GetAtt AWSCloudFormationResourceProviderCIRole.Arn Triggers: Webhook: true