Merge pull request #33 from rrigato/dev

remove code pipeline resources
rrigato · Dec 23, 2023 · ce99da1 · ce99da1
2 parents 506e9af + 71482d3
commit ce99da1
Showing 1 changed file with 0 additions and 237 deletions.
diff --git a/templates/code_pipeline.yml b/templates/code_pipeline.yml
@@ -50,208 +50,6 @@ Resources:
             !Ref RepositoryDescription]]
         RepositoryName: !Ref ProjectName
 
-  ##########################################
-  #Code Pipeline Is broken down into stages
-  #that occur sequentially These can be
-  #the following ci/cd actions
-  # Source
-  # Build
-  # Test
-  # Deploy
-  # Approval
-  # Invoke
-  #
-  #Stages for this environment:
-  #Stage 1) Source = Get source code repository
-  #
-  #stage 2) Deploy create/updates the
-  #templates/prod_resource_import.yml
-  ###########################################
-  CodePipelineStack:
-    Type: AWS::CodePipeline::Pipeline
-    Properties:
-      RoleArn: !GetAtt [CodePipelineRole, Arn]
-      ArtifactStore:
-        Location:
-          Ref:
-            ArtifactStoreBucket
-        Type: S3
-      Stages:
-        ###############################
-        #Stage 1, gets the source control git repo
-        #
-        #
-        ###############################
-        - Name: SourceCodeRepo
-          Actions:
-            #The input artifact of an action must exactly
-            # match the output artifact declared
-            #in a preceding action
-            - InputArtifacts: []
-              Name: Source
-              ######################################
-              #List of valid action type providers
-              #by action can be found here:
-              #https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers
-              ######################################
-              ActionTypeId:
-                Category: Source
-                Owner: AWS
-                Version: '1'
-                Provider: CodeCommit
-              OutputArtifacts:
-                - Name: !GetAtt GitRepo.Name
-            #Git repo for first stage
-            #########################################
-            #Configuration Details by provider can be found here:
-            #https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#structure-configuration-examples
-            #
-            #########################################
-              Configuration:
-                BranchName: !Ref RepositoryBranch
-                RepositoryName: !GetAtt GitRepo.Name
-              #Run order within stage not between stages
-              RunOrder: 1
-
-
-          ###################################
-          #stage 3) Deploys to production
-          #by updating or creating a stack as
-          #necessary
-          ###################################
-        - Name: DeployProd
-          Actions:
-        ############################
-        #First action of this deploy prod stage
-        #cloudformation template which was an import
-        #existing cloudresources
-        ############################
-          - Name: DeployProdImport
-            ActionTypeId:
-              Category: Deploy
-              Owner: AWS
-              Provider: CloudFormation
-              Version: '1'
-            InputArtifacts:
-              - Name: !GetAtt GitRepo.Name
-            OutputArtifacts:
-              - Name: ProdImportCf
-            ##########################################
-            #configuration properties documentation:
-            #https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-action-reference.html
-            ##########################################
-            Configuration:
-              #If the cloudformation stack does not exist
-              #it will be created, otherwise the stack will be updated
-              #with the template provided in TemplatePath
-              ActionMode: CREATE_UPDATE
-              RoleArn: !GetAtt [ProdCodeDeployRole, Arn]
-              StackName: prod-homepage
-              #TemplatePath: !Ref GitRepoName !Sub "TemplateSource::${ProdStackConfig}"
-              #Artifact::template_file_name
-              #is what the deploy stage is expecting as input for the
-              #cloudformation template location
-              TemplatePath:
-                  !Join ['::', [!Ref ProjectName, 'templates/prod_resource_import.yml']]
-            RunOrder: 1
-
-
-
-####################
-#Role assumed by cloudformation
-#in stage 2 of the CodePipeline to
-#create/update the templates/prod_resource_import.yml stack
-####################
-  ProdCodeDeployRole:
-    Type: AWS::IAM::Role
-    Properties:
-      AssumeRolePolicyDocument:
-        Statement:
-        - Action: ['sts:AssumeRole']
-          Effect: Allow
-          Principal:
-            Service: [cloudformation.amazonaws.com]
-        Version: '2012-10-17'
-      ManagedPolicyArns:
-        - arn:aws:iam::aws:policy/AmazonS3FullAccess
-        - arn:aws:iam::aws:policy/CloudFrontFullAccess
-      Path: /
-      #Ability to create record sets in Route53
-      Policies:
-          - PolicyName: DeployRoute53
-            PolicyDocument:
-              Version: "2012-10-17"
-              Statement:
-                - Sid: RecordSetsOneHostedZone
-                  Effect: Allow
-                  Action:
-                    - route53:GetHostedZone
-                    - route53:ListResourceRecordSets
-                    - route53:ListHostedZones
-                    - route53:GetChange
-                  Resource:
-                    - "*"
-
-                - Sid: RequestAcmCertificate
-                  Effect: Allow
-                  Action:
-                    - acm:RequestCertificate
-                    - acm:DeleteCertificate
-                    - acm:DescribeCertificate
-                  Resource:
-                    - "*"
-                #Change Record Sets but limit
-                #to one hosted zone
-                - Sid: WriteRecordSetsOneHostedZone
-                  Effect: Allow
-                  Action:
-                    - route53:ChangeResourceRecordSets
-                #Name of the hosted zone to allow Record
-                #sets to be changed on
-                  Resource:
-                    - "arn:aws:route53:::hostedzone/Z3K3UR6983C2YB"
-        #policy needed for serverless transform
-          - PolicyName: BackendDeployPolicy
-            PolicyDocument:
-              Version: "2012-10-17"
-              Statement:
-                - Sid: RecordSetsOneHostedZone
-                  Effect: Allow
-                  Action:
-                    - cloudformation:CreateChangeSet
-                    #- cloudformation:ExecuteChangeSet
-                  Resource:
-                    - "*"
-                #secretsmanager creation privleges
-                - Sid: !Join ['', [!Ref ProjectName,'SecretsMangerDeploy']]
-                  Effect: Allow
-                  Action:
-                    - secretsmanager:CreateSecret # pragma: allowlist secret
-                    - secretsmanager:DeleteSecret # pragma: allowlist secret
-                    - secretsmanager:TagResource # pragma: allowlist secret
-                    - secretsmanager:UpdateSecret # pragma: allowlist secret
-                  Resource:
-                    - "*"
-                #create vpc privleges
-                - Sid: !Join ['', [!Ref ProjectName,'VpcDeploy']]
-                  Effect: Allow
-                  Action:
-                    - ec2:CreateVpc
-                    - ec2:CreateSubnet
-                    - ec2:DeleteSubnet
-                    - ec2:DeleteVpc
-                    - ec2:DescribeVpcs
-                    - ec2:ModifyVpcAttribute
-                    - ec2:createTags
-                    - ec2:DescribeAvailabilityZones
-                    - ec2:DescribeAccountAttributes
-                    - ec2:DescribeSubnets
-                    - ec2:CreateRouteTable
-                    - ec2:DeleteRouteTable
-                    - ec2:DescribeRouteTables
-                  Resource:
-                    - "*"
-
   CFNRole:
     Type: AWS::IAM::Role
     Properties:
@@ -288,41 +86,6 @@ Resources:
                   Resource:
                     - "*"
 
-  CodePipelineRole:
-    Type: AWS::IAM::Role
-    Properties:
-      AssumeRolePolicyDocument:
-        Version: "2012-10-17"
-        Statement:
-          Effect: Allow
-          Principal:
-            Service: codepipeline.amazonaws.com
-          Action: sts:AssumeRole
-      Path: /
-      #List of Policies for Code Pipeline
-      ManagedPolicyArns:
-          - arn:aws:iam::aws:policy/AWSCodePipelineFullAccess
-          - arn:aws:iam::aws:policy/AWSCodeCommitFullAccess
-          - arn:aws:iam::aws:policy/AWSCodeBuildDeveloperAccess
-          - arn:aws:iam::aws:policy/AmazonS3FullAccess
-          - arn:aws:iam::aws:policy/AWSCloudFormationFullAccess
-      Policies:
-          - PolicyName: PipelinePassRole
-            PolicyDocument:
-              Version: "2012-10-17"
-              Statement:
-                - Sid: IamPassRoleAllow
-                  Effect: Allow
-                  #######################################
-                  #Allowing lambda to perform a PutItem on
-                  #DynamoDB
-                  #
-                  #######################################
-                  Action:
-                    - iam:PassRole
-                  Resource:
-                    - "*"
-
 
 Outputs:
   CodeCommitURL: