KeyName=Ref('ec2Key'),
SecurityGroups=[Ref(self.sg)],
EbsOptimized=False,
IamInstanceProfile=Ref(self.instance_profile),
InstanceType=self.instance_type,
AssociatePublicIpAddress=True
))
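# Create the NAT in a public subnet.  It runs as a 1/1/1 auto scaling group
# (MinSize=MaxSize=DesiredCapacity=1) pinned to the single public subnet at
# self.subnet_index: a failed instance is replaced by the ASG, but there is
# no second NAT standing by.
public_layers = self._subnets['public']
if not public_layers:
    raise ValueError("cannot create a NAT: no public subnet layers are defined")
# The first public layer is used; which one that is depends on the dict's
# iteration order.  next(iter(...)) is the portable spelling of "first key":
# the original ``.keys()[0]`` raises TypeError on Python 3, where keys() is a
# view and not indexable.
subnet_layer = next(iter(public_layers))
nat_asg = self.add_resource(AutoScalingGroup(
    nat_asg_name,
    DesiredCapacity=1,
    Tags=[
        Tag("Name", Join("-", ["NAT", self.subnet_index]), True),
        Tag("isNat", "true", True)
    ],
    MinSize=1,
    MaxSize=1,
    Cooldown="30",
    LaunchConfigurationName=Ref(nat_launch_config),
    HealthCheckGracePeriod=30,
    HealthCheckType="EC2",
    VPCZoneIdentifier=[public_layers[subnet_layer][self.subnet_index]],
    # Stack creation waits for one cfn-signal from the NAT instance and
    # fails if none arrives within 15 minutes.
    CreationPolicy=CreationPolicy(
        ResourceSignal=ResourceSignal(
            Count=1,
            Timeout='PT15M'
        )
    )
))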
def get_template_s3_url(self, child_template):
    """
    Overridable method for getting the s3 url for child templates.

    By default the URL is built as
    ``https://<TemplateBucket>.s3.amazonaws.com/<resource_path>`` from the
    ``TemplateBucket`` parameter (``self.template_bucket_param``) and
    ``child_template.resource_path``.  Use
    ``utility.get_template_s3_url(Template.template_bucket_default, child_template.resource_path)``
    if you want a non-parametrized version of this URL.

    NOTE(review): this is the virtual-hosted-style global endpoint.  A bucket
    name containing dots does not match the ``*.s3.amazonaws.com`` wildcard
    certificate, so CloudFormation's HTTPS fetch of the child template fails
    certificate validation for such buckets; override this method if that
    applies.
    """
    url_parts = [
        'https://',
        Ref(self.template_bucket_param),
        '.s3.amazonaws.com/',
        child_template.resource_path,
    ]
    return Join('', url_parts)
def setup_listeners(self):
no_ssl = [elb.Listener(
LoadBalancerPort=80,
Protocol="TCP",
InstancePort=8081,
InstanceProtocol="TCP"
)]
acm_cert = Join("", [
"arn:aws:acm:", Ref("AWS::Region"), ":", Ref("AWS::AccountId"),
":certificate/", Ref("ELBCertName")])
iam_cert = Join("", [
"arn:aws:iam::", Ref("AWS::AccountId"), ":server-certificate/",
Ref("ELBCertName")])
cert_id = If("UseIAMCert", iam_cert, acm_cert)
with_ssl = []
with_ssl.append(elb.Listener(
LoadBalancerPort=443,
InstancePort=8081,
Protocol="SSL",
InstanceProtocol="TCP",
SSLCertificateId=cert_id))
listeners = If("UseHTTPS", with_ssl, no_ssl)
BlockDeviceMappings=[
ec2.BlockDeviceMapping(
DeviceName="/dev/sda1",
Ebs=ec2.EBSBlockDevice(
VolumeType="gp2",
VolumeSize=8,
Encrypted=use_aes256_encryption,
KmsKeyId=If(use_cmk_arn, Ref(cmk_arn), Ref("AWS::NoValue")),
),
),
],
Condition=bastion_type_and_ami_set,
Tags=[
{
"Key": "Name",
"Value": Join("-", [Ref("AWS::StackName"), "bastion"]),
},
{
"Key": "aws-web-stacks:role",
"Value": "bastion",
},
],
)
# Associate the Elastic IP separately, so it doesn't change when the instance
# changes.  The association carries the same Condition as the bastion instance
# itself, so it is only created when the instance it references exists.
eip_assoc = ec2.EIPAssociation(
    "BastionEIPAssociation",
    template=template,
    Condition=bastion_type_and_ami_set,
    EIP=Ref(bastion_eip),
    InstanceId=Ref(bastion_instance),
)
Keyword Args:
bucket (dict): The bucket resource
oai (dict): The origin access identity resource
lambda_function_associations (array): The lambda function association array
Return:
dict: The CloudFront Distribution Options
"""
variables = self.get_variables()
return {
'Aliases': self.add_aliases(),
'Origins': [
cloudfront.Origin(
DomainName=Join(
'.',
[bucket.ref(),
's3.amazonaws.com']),
S3OriginConfig=cloudfront.S3OriginConfig(
OriginAccessIdentity=Join(
'',
['origin-access-identity/cloudfront/',
oai.ref()])
),
Id='S3Origin'
)
],
'DefaultCacheBehavior': cloudfront.DefaultCacheBehavior(
AllowedMethods=['GET', 'HEAD'],
Compress=False,
DefaultTTL='86400',
# Cluster parameter that turns on user activity logging.
# NOTE(review): per Redshift, user activity logs are only actually written
# when database audit logging is also enabled on the cluster; confirm that
# is configured elsewhere in this template.
amazonredshiftparameter1 = AmazonRedshiftParameter(
    "AmazonRedshiftParameter1",
    ParameterName="enable_user_activity_logging",
    ParameterValue="true",
)

# Parameter group carrying the logging parameter above.
redshiftclusterparametergroup = t.add_resource(ClusterParameterGroup(
    "RedshiftClusterParameterGroup",
    Description="Cluster parameter group",
    ParameterGroupFamily="redshift-1.0",
    Parameters=[amazonredshiftparameter1],
))

# Expose the cluster endpoint as "<address>:<port>".
cluster_address = GetAtt(redshiftcluster, "Endpoint.Address")
cluster_port = GetAtt(redshiftcluster, "Endpoint.Port")
t.add_output(Output(
    "ClusterEndpoint",
    Value=Join(":", [cluster_address, cluster_port]),
))

print(t.to_json())
"ecs:RegisterTaskDefinition",
"ecs:DescribeServices",
"ecs:UpdateService",
"ecs:DescribeTasks",
"ecs:ListTasks"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"codebuild:StartBuild",
"codebuild:BatchGetBuilds"
],
"Resource": [
Join("", ["arn:aws:codebuild:", Ref('AWS::Region'), ":", Ref('AWS::AccountId'), ":project/", Ref(BuildProject)])
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:PutObject",
"s3:GetObject"
],
"Resource": ["*"]
}
]
},
Roles = [Ref(CodePipelineServiceRole)],
))
Protocol='HTTP')]))
def _allow(actions, resources):
    """Return a single-statement IAM policy document allowing ``actions`` on ``resources``."""
    # NOTE(review): no "Version" key, so IAM evaluates these documents under
    # the 2008-10-17 default, which does not support policy variables.
    return {"Statement": [{"Effect": "Allow",
                           "Action": actions,
                           "Resource": resources}]}

sqs_write_actions = [
    "sqs:ChangeMessageVisibility", "sqs:ChangeMessageVisibilityBatch",
    "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "sqs:ListQueues",
    "sqs:SendMessage", "sqs:SendMessageBatch",
]
backup_objects_arn = Join('', ['arn:aws:s3:::', Ref(backup_bucket), "/*"])

kibana_policies = [
    # Let the Kibana hosts push messages onto the logging queue.
    # NOTE(review): sqs:ListQueues only accepts Resource "*", so scoping it to
    # the queue ARN grants nothing; drop it or grant it in a separate "*"
    # statement if listing is really needed.
    iam.Policy(
        PolicyName='sqsWrite',
        PolicyDocument=_allow(sqs_write_actions, [GetAtt(logging_queue, 'Arn')])),
    # Full object-level access (including delete and ACL changes) to objects
    # in the backup bucket; the bucket resource itself is not covered.
    iam.Policy(
        PolicyName='s3AllForBackupBucket',
        PolicyDocument=_allow(["s3:*"], [backup_objects_arn])),
    # NOTE(review): "arn:aws:s3:::*" lets these hosts list the contents of
    # every bucket in the account; least privilege would scope this to the
    # backup bucket ARN.
    iam.Policy(
        PolicyName='s3ListAndGetBucket',
        PolicyDocument=_allow(["s3:List*", "s3:GetBucket*"], "arn:aws:s3:::*")),
]
iam_profile = self.create_instance_profile('kibana', kibana_policies)
kibana_tags = [autoscaling.Tag('ansible_group', 'elk-kibana', True)]
kibana_asg = self.create_asg('kibana',
instance_profile=iam_profile,
instance_type=kibana_args.get('kibana_instance_type_default', 't1.micro'),
security_groups=[instance_sg, self.common_security_group],
def s3_write_statements(bucket_name):
return [
Statement(
Effect=Allow,
Action=[
awacs.s3.AbortMultipartUpload,
awacs.s3.GetBucketLocation,
awacs.s3.GetObject,
awacs.s3.ListBucket,
awacs.s3.ListBucketMultipartUploads,
awacs.s3.PutObject,
],
Resource=[
s3_arn(bucket_name),
s3_arn(Join("/", [bucket_name, "*"]))
],
def setup_listeners(self):
    """
    Build the ELB listener list, switched on the ``UseSSL`` condition.

    Returns an ``If`` expression: when ``UseSSL`` is false, a single
    HTTP:80 -> HTTP:80 listener; when true, that same listener plus an
    HTTPS:443 listener that terminates TLS on the ELB with the IAM server
    certificate named by the ``ELBCertName`` parameter and forwards to
    HTTP:80 on the instances.  Only an IAM server certificate is referenced
    here; there is no ACM certificate path.

    NOTE(review): the HTTPS listener sets no ``PolicyNames``, so the ELB's
    default TLS negotiation policy applies; pin an explicit policy if a
    minimum TLS version is required.  The plain HTTP:80 listener stays
    enabled alongside HTTPS, so any HTTP->HTTPS redirect has to happen on
    the instances.
    """
    http_listener = elb.Listener(
        LoadBalancerPort=80,
        Protocol='HTTP',
        InstancePort=80,
        InstanceProtocol='HTTP'
    )
    server_cert_arn = Join("", [
        "arn:aws:iam::", Ref("AWS::AccountId"), ":server-certificate/",
        Ref("ELBCertName")])
    https_listener = elb.Listener(
        LoadBalancerPort=443,
        InstancePort=80,
        Protocol='HTTPS',
        InstanceProtocol="HTTP",
        SSLCertificateId=server_cert_arn)
    no_ssl = [http_listener]
    # Deep copy so the two branches of the If do not share Listener objects.
    with_ssl = copy.deepcopy(no_ssl) + [https_listener]
    return If("UseSSL", with_ssl, no_ssl)