jg75 · November 14, 2019 21:42
diff --git a/child.yml b/child.yml
 AWSTemplateFormatVersion: 2010-09-09
 Description: The child template needs the Arn for the task role and the bucket name for the task.

 Parameters:
  InputS3BucketArn:
    Description: Parameter containing the Arn of the S3 Bucket for input
    Type: AWS::SSM::Parameter::Value<String>
    Default: /Yolo/Development/InputS3BucketArn

  OutputS3BucketArn:
    Description: Parameter containing the Arn of the S3 Bucket for output
    Type: AWS::SSM::Parameter::Value<String>
    Default: /Yolo/Development/OutputS3BucketArn

 Resources:
  EcsTaskRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: !Sub ${AWS::StackName}EcsTask
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service: [ecs-tasks.amazonaws.com]
            Action: ["sts:AssumeRole"]
      Policies:
        - PolicyName: !Sub ${AWS::StackName}EcsTask
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action:
                  - "s3:*"
                Resource:
                  - !Ref "InputS3BucketArn"
                  - !Sub "${InputS3BucketArn}/*"
                  - !Ref "OutputS3BucketArn"
                  - !Sub "${OutputS3BucketArn}/*"

 Outputs:
  InputS3Bucket:
    Description: Input S3 Bucket
    Value: !Select [5, !Split [":", !Ref InputS3BucketArn]]

  OutputS3Bucket:
    Description: Output S3 Bucket
    Value: !Select [5, !Split [":", !Ref OutputS3BucketArn]]
diff --git a/parent.yml b/parent.yml
 AWSTemplateFormatVersion: 2010-09-09
 Description: This conditionally creates s3 buckets and parameters for the child templates to use

 Parameters:
  InputS3BucketArn:
    Description: Arn of the S3 Bucket for input
    Type: String
    Default: ""

  OutputS3BucketArn:
    Description: Parameter containing the Arn of the S3 Bucket for output
    Type: String
    Default: ""

  ParameterPath:
    Description: Path for SSM Parameter Store parameters
    Type: String
    Default: /Yolo/Development

 Conditions:
  CreateInputS3Bucket: !Equals [!Ref InputS3BucketArn, ""]
  CreateOutputS3Bucket: !Equals [!Ref OutputS3BucketArn, ""]

 Resources:
  InputS3Bucket:
    Type: AWS::S3::Bucket
    Condition: CreateInputS3Bucket
    Properties:
      VersioningConfiguration:
        Status: Enabled

  InputS3BucketParameter:
    Type: AWS::SSM::Parameter
    Condition: CreateInputS3Bucket
    Properties:
      Name: !Sub ${ParameterPath}/InputS3BucketArn
      Type: String
      Value: !GetAtt InputS3Bucket.Arn

  OutputS3Bucket:
    Type: AWS::S3::Bucket
    Condition: CreateOutputS3Bucket
    Properties:
      VersioningConfiguration:
        Status: Enabled

  OutputS3BucketParameter:
    Type: AWS::SSM::Parameter
    Condition: CreateOutputS3Bucket
    Properties:
      Name: !Sub ${ParameterPath}/OutputS3BucketArn
      Type: String
      Value: !GetAtt OutputS3Bucket.Arn

 Outputs:
  InputS3Bucket:
    Description: S3 Bucket for input
    Value: !If [CreateInputS3Bucket, !Ref InputS3Bucket, !Select [5, !Split [":", !Ref InputS3BucketArn]]]

  OutputS3Bucket:
    Description: S3 Bucket for output
    Value: !If [CreateOutputS3Bucket, !Ref OutputS3Bucket, !Select [5, !Split [":", !Ref OutputS3BucketArn]]]
	AWSTemplateFormatVersion: 2010-09-09
	Description: The child template needs the Arn for the task role and the bucket name for the task.

	Parameters:
	InputS3BucketArn:
	Description: Parameter containing the Arn of the S3 Bucket for input
	Type: AWS::SSM::Parameter::Value<String>
	Default: /Yolo/Development/InputS3BucketArn

	OutputS3BucketArn:
	Description: Parameter containing the Arn of the S3 Bucket for output
	Type: AWS::SSM::Parameter::Value<String>
	Default: /Yolo/Development/OutputS3BucketArn

	Resources:
	EcsTaskRole:
	Type: AWS::IAM::Role
	Properties:
	RoleName: !Sub ${AWS::StackName}EcsTask
	AssumeRolePolicyDocument:
	Statement:
	- Effect: Allow
	Principal:
	Service: [ecs-tasks.amazonaws.com]
	Action: ["sts:AssumeRole"]
	Policies:
	- PolicyName: !Sub ${AWS::StackName}EcsTask
	PolicyDocument:
	Version: "2012-10-17"
	Statement:
	- Effect: Allow
	Action:
	- "s3:*"
	Resource:
	- !Ref "InputS3BucketArn"
	- !Sub "${InputS3BucketArn}/*"
	- !Ref "OutputS3BucketArn"
	- !Sub "${OutputS3BucketArn}/*"

	Outputs:
	InputS3Bucket:
	Description: Input S3 Bucket
	Value: !Select [5, !Split [":", !Ref InputS3BucketArn]]

	OutputS3Bucket:
	Description: Output S3 Bucket
	Value: !Select [5, !Split [":", !Ref OutputS3BucketArn]]
	AWSTemplateFormatVersion: 2010-09-09
	Description: This conditionally creates s3 buckets and parameters for the child templates to use

	Parameters:
	InputS3BucketArn:
	Description: Arn of the S3 Bucket for input
	Type: String
	Default: ""

	OutputS3BucketArn:
	Description: Parameter containing the Arn of the S3 Bucket for output
	Type: String
	Default: ""

	ParameterPath:
	Description: Path for SSM Parameter Store parameters
	Type: String
	Default: /Yolo/Development

	Conditions:
	CreateInputS3Bucket: !Equals [!Ref InputS3BucketArn, ""]
	CreateOutputS3Bucket: !Equals [!Ref OutputS3BucketArn, ""]

	Resources:
	InputS3Bucket:
	Type: AWS::S3::Bucket
	Condition: CreateInputS3Bucket
	Properties:
	VersioningConfiguration:
	Status: Enabled

	InputS3BucketParameter:
	Type: AWS::SSM::Parameter
	Condition: CreateInputS3Bucket
	Properties:
	Name: !Sub ${ParameterPath}/InputS3BucketArn
	Type: String
	Value: !GetAtt InputS3Bucket.Arn

	OutputS3Bucket:
	Type: AWS::S3::Bucket
	Condition: CreateOutputS3Bucket
	Properties:
	VersioningConfiguration:
	Status: Enabled

	OutputS3BucketParameter:
	Type: AWS::SSM::Parameter
	Condition: CreateOutputS3Bucket
	Properties:
	Name: !Sub ${ParameterPath}/OutputS3BucketArn
	Type: String
	Value: !GetAtt OutputS3Bucket.Arn

	Outputs:
	InputS3Bucket:
	Description: S3 Bucket for input
	Value: !If [CreateInputS3Bucket, !Ref InputS3Bucket, !Select [5, !Split [":", !Ref InputS3BucketArn]]]

	OutputS3Bucket:
	Description: S3 Bucket for output
	Value: !If [CreateOutputS3Bucket, !Ref OutputS3Bucket, !Select [5, !Split [":", !Ref OutputS3BucketArn]]]