IAC - IAM & YAML codes for Reference

To Create EC2 - appspec.yml
version: 0.0
os: linux
hooks:
  BeforeInstall:
    - location: script/UnzipResource.sh
    - location: script/UnzipData.sh
  AfterInstall:
    - location: script/RunResourceTest.sh
      timeout: 3000
  ApplicationStart:
    - location: script/RunFunctionTest.sh
      timeout: 3000
  ValidateService:
    - location: script/MonitorService.sh
      timeout: 3000
      # run the validation script as a dedicated deployment user
      runas: codedeployuser
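
To Create ECS - appspec.yml
# As written, this is the EC2/on-premises form (os plus script-location hooks).
# An ECS AppSpec instead declares a Resources section with a TargetService
# and names Lambda functions as its hooks.
version: 0.0
os: linux
hooks:
  BeforeInstall:
    - location: script/UnzipResource.sh
    - location: script/UnzipData.sh
  AfterInstall:
    - location: script/RunResourceTest.sh
      timeout: 3000
  ApplicationStart:
    - location: script/RunFunctionTest.sh
      timeout: 3000
  ValidateService:
    - location: script/MonitorService.sh
      timeout: 3000
      runas: codedeployuser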

To Create Lambda - appspec.yml
version: 0.0
Resources:
  - myLambdaFunction:
      Type: AWS::Lambda::Function
      Properties:
        Name: JoeLambdafunction
        Alias: Joe
        # traffic is shifted from CurrentVersion to TargetVersion
        CurrentVersion: 1
        TargetVersion: 2

To create Webhook - appspec.yml (Blue/green Deployment)
version: 0.0
Resources:
  ...
Hooks:
  - BeforeAllowTraffic: "ValidateBeforeAllowTraffic"

IAM Policy reference
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:Get*",
        "s3:List*"
      ],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}

IAM role to provide access to a secondary account
Artifact access to a secondary account in AWS (the account IDs below are placeholders; real AWS account IDs have 12 digits)
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "codeartifact:List*",
        "codeartifact:Get*",
        "codeartifact:ReadFromRepository",
        "codeartifact:Describe*"
      ],
      "Principal": {
        "AWS": [
          "arn:aws:iam::123456789:root",
          "arn:aws:iam::987654321:user/joe"
        ]
      },
      "Resource": "*"
    }
  ]
}
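
A pre-deployment check for policy documents like the two above, added here as an example (it is not part of the original notes or any AWS tool). It flags an unsupported Version, malformed principals, and Allow on every resource in an identity policy. The function name, sample policies, account ID 111122223333 and bucket-free samples are constructed for illustration.

```python
import json
import re

VALID_VERSIONS = {"2012-10-17", "2008-10-17"}
# Accepted "AWS" principal forms: "*", a 12-digit account ID, or an IAM/STS ARN.
PRINCIPAL_RE = re.compile(r"^(\*|\d{12}|arn:aws[a-z-]*:(iam|sts)::\d{12}:.+)$")

def as_list(value):  # IAM accepts a single value or an array for most elements
    return value if isinstance(value, list) else [value]

def lint_policy(text):
    """Return a list of findings for one IAM policy JSON document."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON at line {exc.lineno}: {exc.msg}"]
    findings = []
    if doc.get("Version") not in VALID_VERSIONS:
        findings.append("Version is not 2012-10-17 or 2008-10-17")
    if "Statement" not in doc:
        findings.append("no Statement element")
    for i, stmt in enumerate(as_list(doc.get("Statement", []))):
        if stmt.get("Effect") not in ("Allow", "Deny"):
            findings.append(f"statement {i}: Effect must be Allow or Deny")
        if "Action" not in stmt and "NotAction" not in stmt:
            findings.append(f"statement {i}: no Action element")
        principal = stmt.get("Principal")
        if principal is None:
            # No Principal: identity policy, so "*" really means every resource.
            if stmt.get("Effect") == "Allow" and "*" in as_list(stmt.get("Resource", [])):
                findings.append(f'statement {i}: Allow on Resource "*" in an identity policy')
            continue
        aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
        for p in as_list(aws):
            if not PRINCIPAL_RE.match(str(p)):
                findings.append(f"statement {i}: malformed principal {p}")
    return findings

# Constructed samples: BAD has a wrong Version key/date and a malformed principal ARN.
BAD = """{"version": "2025-10-17", "Statement": [{"Effect": "Allow",
  "Action": ["codeartifact:ReadFromRepository"],
  "Principal": {"AWS": ["arn-aws-iam:123456789/root"]}, "Resource": "*"}]}"""
IDENTITY = """{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
  "Action": ["s3:Get*", "s3:List*"], "Resource": "*"}]}"""
GOOD = """{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
  "Action": ["codeartifact:ReadFromRepository"],
  "Principal": {"AWS": ["arn:aws:iam::111122223333:root"]}, "Resource": "*"}]}"""

if __name__ == "__main__":
    for name, policy in (("BAD", BAD), ("IDENTITY", IDENTITY), ("GOOD", GOOD)):
        print(name, lint_policy(policy) or "no findings")
```

In a resource policy attached to a repository, "Resource": "*" refers to that repository, which is why the check only reports the wildcard when the statement has no Principal.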





