This reference architecture creates an AWS Service Catalog Portfolio called "Service Catalog S3 Reference Architecture" with five associated products. The AWS Service Catalog Product references cloudformation templates for the Amazon S3 buckets which can be lauched by end users through Service Catalog. The AWS Service Catalog S3 products create S3 buckets with varying configurations:
- Read-Only bucket with access from anywhere
- Private bucket with access restricted to a source CIDR block
- Private bucket with access requiring multi-factor authentication
- Private bucket with contents encrypted with S3 server side encryption
- Private bucket with a transition ruleset to migrate innactive objects to S3-IA and Glacier.
Launch the S3 portfolio stack:
- clone this git repo:
git clone [email protected]:aws-samples/aws-service-catalog-reference-architectures.git - Copy everything in the repo to an S3 bucket:
cd aws-service-catalog-reference-architectures
aws s3 cp . s3://[YOUR-BUCKET-NAME-HERE] --exclude "*" --include "*.json" --include "*.yml" --recursive - In the AWS CloudFormation console choose "Create Stack" and supply the Portfolio S3 url:
https://s3.amazonaws.com/[YOUR-BUCKET-NAME-HERE]/s3/sc-portfolio-s3.json - Set the LinkedRole1 and LinkedRole2 parameters to any additional end user roles you may want to link to the Portfolio.
- Set the CreateEndUsers parameter to No if you have already run a Portfolio stack from this repo (ServiceCatalogEndusers already exists).
- Change the RepoRootURL parameter to your bucket's root url:
https://s3.amazonaws.com/[YOUR-BUCKET-NAME-HERE]/
