リソース(Role1Named)のCloudFormationリソースファイルを作成します。
手順に必要な設定値を変数に格納をします。
CloudFormationリソース名を指定します。
変数の設定: TEMPLATE_CFN_RESOURCE_NAME='Role1Named'
変数の設定:
TEMPLATE_CFN_RESOURCE_NAME='Role1Named'
リソースファイル用ディレクトリを指定します。
変数の設定: DIR_TEMPLATE_CFN_RESOURCE="${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources"
DIR_TEMPLATE_CFN_RESOURCE="${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources"
ディレクトリが存在することを確認し、存在しない場合は作成します。
コマンド: ls -d ${DIR_TEMPLATE_CFN_RESOURCE} > /dev/null 2>&1 \ || mkdir -p ${DIR_TEMPLATE_CFN_RESOURCE} 結果(例): (出力なし)
コマンド:
ls -d ${DIR_TEMPLATE_CFN_RESOURCE} > /dev/null 2>&1 \ || mkdir -p ${DIR_TEMPLATE_CFN_RESOURCE}
結果(例):
(出力なし)
リソースファイル名を指定します。
変数の設定: FILE_TEMPLATE_CFN_RESOURCE="${DIR_TEMPLATE_CFN_RESOURCE}/${TEMPLATE_CFN_RESOURCE_NAME}.txt" \ && echo ${FILE_TEMPLATE_CFN_RESOURCE} 結果(例): ${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources/Role1Named.txt
FILE_TEMPLATE_CFN_RESOURCE="${DIR_TEMPLATE_CFN_RESOURCE}/${TEMPLATE_CFN_RESOURCE_NAME}.txt" \ && echo ${FILE_TEMPLATE_CFN_RESOURCE}
${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources/Role1Named.txt
IAMロールパスを指定します。
変数の設定: IAM_ROLE_PATH='/handson-cli/'
IAM_ROLE_PATH='/handson-cli/'
IAMロール名を指定します。
変数の設定: IAM_ROLE_NAME='handson-cli-cfn-iam-Role-role'
IAM_ROLE_NAME='handson-cli-cfn-iam-Role-role'
IAMロールの説明を指定します。
変数の設定: IAM_ROLE_DESCRIPTION='Named role for handson-cli-cfn-iam-Role.'
IAM_ROLE_DESCRIPTION='Named role for handson-cli-cfn-iam-Role.'
ロールの利用を許可するサービス(ホスト名形式)を指定します。
変数の設定: IAM_ROLE_PRINCIPAL='lambda.amazonaws.com'
IAM_ROLE_PRINCIPAL='lambda.amazonaws.com'
各変数に正しい設定値が格納されていることを確認します。
変数の確認: cat << END # 1. TEMPLATE_CFN_RESOURCE_NAME:"Role1Named" TEMPLATE_CFN_RESOURCE_NAME="${TEMPLATE_CFN_RESOURCE_NAME}" # 2. DIR_TEMPLATE_CFN_RESOURCE:"${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources" DIR_TEMPLATE_CFN_RESOURCE="${DIR_TEMPLATE_CFN_RESOURCE}" # 3. FILE_TEMPLATE_CFN_RESOURCE:"${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources/Role1Named.txt" FILE_TEMPLATE_CFN_RESOURCE="${FILE_TEMPLATE_CFN_RESOURCE}" # 4. IAM_ROLE_PATH:"/handson-cli/" IAM_ROLE_PATH="${IAM_ROLE_PATH}" # 5. IAM_ROLE_NAME:"handson-cli-cfn-iam-Role-role" IAM_ROLE_NAME="${IAM_ROLE_NAME}" # 6. IAM_ROLE_DESCRIPTION:"Named role for handson-cli-cfn-iam-Role." IAM_ROLE_DESCRIPTION="${IAM_ROLE_DESCRIPTION}" # 7. IAM_ROLE_PRINCIPAL:"lambda.amazonaws.com" IAM_ROLE_PRINCIPAL="${IAM_ROLE_PRINCIPAL}" END
変数の確認:
cat << END # 1. TEMPLATE_CFN_RESOURCE_NAME:"Role1Named" TEMPLATE_CFN_RESOURCE_NAME="${TEMPLATE_CFN_RESOURCE_NAME}" # 2. DIR_TEMPLATE_CFN_RESOURCE:"${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources" DIR_TEMPLATE_CFN_RESOURCE="${DIR_TEMPLATE_CFN_RESOURCE}" # 3. FILE_TEMPLATE_CFN_RESOURCE:"${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources/Role1Named.txt" FILE_TEMPLATE_CFN_RESOURCE="${FILE_TEMPLATE_CFN_RESOURCE}" # 4. IAM_ROLE_PATH:"/handson-cli/" IAM_ROLE_PATH="${IAM_ROLE_PATH}" # 5. IAM_ROLE_NAME:"handson-cli-cfn-iam-Role-role" IAM_ROLE_NAME="${IAM_ROLE_NAME}" # 6. IAM_ROLE_DESCRIPTION:"Named role for handson-cli-cfn-iam-Role." IAM_ROLE_DESCRIPTION="${IAM_ROLE_DESCRIPTION}" # 7. IAM_ROLE_PRINCIPAL:"lambda.amazonaws.com" IAM_ROLE_PRINCIPAL="${IAM_ROLE_PRINCIPAL}" END
各変数について、上の行と下の行の値の内容もしくは形式が同じであることを確認します。 もし異なる場合は、それぞれの手順番号に戻って変数の設定を行います。
CFnリソースファイルを作成します。
変数の確認: cat << END # FILE_TEMPLATE_CFN_RESOURCE:"${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources/Role1Named.txt" FILE_TEMPLATE_CFN_RESOURCE="${FILE_TEMPLATE_CFN_RESOURCE}" # TEMPLATE_CFN_RESOURCE_NAME:"Role1Named" TEMPLATE_CFN_RESOURCE_NAME="${TEMPLATE_CFN_RESOURCE_NAME}" # IAM_ROLE_PATH:"/handson-cli/" IAM_ROLE_PATH="${IAM_ROLE_PATH}" # IAM_ROLE_NAME:"handson-cli-cfn-iam-Role-role" IAM_ROLE_NAME="${IAM_ROLE_NAME}" # IAM_ROLE_DESCRIPTION:"Named role for handson-cli-cfn-iam-Role." IAM_ROLE_DESCRIPTION="${IAM_ROLE_DESCRIPTION}" # IAM_ROLE_PRINCIPAL:"lambda.amazonaws.com" IAM_ROLE_PRINCIPAL="${IAM_ROLE_PRINCIPAL}" END コマンド: cat << EOF > ${FILE_TEMPLATE_CFN_RESOURCE} ${TEMPLATE_CFN_RESOURCE_NAME}: Type: AWS::IAM::Role Properties: Path: ${IAM_ROLE_PATH} RoleName: ${IAM_ROLE_NAME} Description: ${IAM_ROLE_DESCRIPTION} AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - ${IAM_ROLE_PRINCIPAL} Action: - sts:AssumeRole EOF cat ${FILE_TEMPLATE_CFN_RESOURCE} 結果(例): Role1Named: Type: AWS::IAM::Role Properties: Path: /handson-cli/ RoleName: handson-cli-cfn-iam-Role-role Description: Named role for handson-cli-cfn-iam-Role. AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - lambda.amazonaws.com Action: - sts:AssumeRole
cat << END # FILE_TEMPLATE_CFN_RESOURCE:"${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources/Role1Named.txt" FILE_TEMPLATE_CFN_RESOURCE="${FILE_TEMPLATE_CFN_RESOURCE}" # TEMPLATE_CFN_RESOURCE_NAME:"Role1Named" TEMPLATE_CFN_RESOURCE_NAME="${TEMPLATE_CFN_RESOURCE_NAME}" # IAM_ROLE_PATH:"/handson-cli/" IAM_ROLE_PATH="${IAM_ROLE_PATH}" # IAM_ROLE_NAME:"handson-cli-cfn-iam-Role-role" IAM_ROLE_NAME="${IAM_ROLE_NAME}" # IAM_ROLE_DESCRIPTION:"Named role for handson-cli-cfn-iam-Role." IAM_ROLE_DESCRIPTION="${IAM_ROLE_DESCRIPTION}" # IAM_ROLE_PRINCIPAL:"lambda.amazonaws.com" IAM_ROLE_PRINCIPAL="${IAM_ROLE_PRINCIPAL}" END
cat << EOF > ${FILE_TEMPLATE_CFN_RESOURCE} ${TEMPLATE_CFN_RESOURCE_NAME}: Type: AWS::IAM::Role Properties: Path: ${IAM_ROLE_PATH} RoleName: ${IAM_ROLE_NAME} Description: ${IAM_ROLE_DESCRIPTION} AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - ${IAM_ROLE_PRINCIPAL} Action: - sts:AssumeRole EOF cat ${FILE_TEMPLATE_CFN_RESOURCE}
Role1Named: Type: AWS::IAM::Role Properties: Path: /handson-cli/ RoleName: handson-cli-cfn-iam-Role-role Description: Named role for handson-cli-cfn-iam-Role. AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - lambda.amazonaws.com Action: - sts:AssumeRole
「リソースファイル"${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources/Role1Named.txt"が存在する。」ことを確認します。
コマンド: ls ${FILE_TEMPLATE_CFN_RESOURCE} 結果(例): ${HOME}/environment/conf-handson-cli-cfn-iam-Role/resources/Role1Named.txt
ls ${FILE_TEMPLATE_CFN_RESOURCE}