amazon-cloudformation

I am attempting to set a certificate in my CloudFrontDistribution using Cloud Formation. My certificate has been issued via Certificate Manager. It has been approved, and I have validated that the certificate works by manual configuration directly through the CloudFront console. Within my CloudFormation template, I have attempted to use both the Identifier and ARN values associated with the certificate in the IamCertificateId property: "ViewerCertificate" : { "IamCertificateId" : "********", "SslSupportMethod": "sni-only" } But in both cases I receive the following error: The specified SSL

How to set crontab when using AWS CloudFormation Userdata? I am setting (crontab -l ; echo "0 * * * * wget -O - -q http://www.example.com/cron.php") | crontab - But the cron is not setting. Is there a specific format which I should be using? This will work, set this in your template, for your instance: "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "#!/bin/bash\n", "echo '0 * * * * wget -O - -q http://www.example.com/cron.php' > /tmp/mycrontab.txt\n", "sudo -u ubuntu bash -c 'crontab /tmp/mycrontab.txt'\n", ] ] } } To do this properly you should do the following inside the bash script:

Is there anyway we can pass dynamic references to Secret Manager to AWS Launch Config User Data? Here is the code snippet I tried: "SampleLaunchConfig": { "Type": "AWS::AutoScaling::LaunchConfiguration", "Properties": { "ImageId": { "Fn::FindInMap": [ "AWSRegionArch2AMI", { "Ref": "AWS::Region" }, "AMI" ] }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "#!/bin/bash -xe\n", "yum update -y\n", "useradd -p <<pwd>>{{resolve:secretsmanager:Credentials:SecretString:userName}}\n", "\n" ] ] } } } } Seems error in getting the useradd: invalid user name '{{resolve:secretsmanager:Credentials

I am trying to run congnito via cloudformation and everything works but there is section in cognito as follows: As you see there is section "Enable identity providers" and I can not find where I can set it to my cognito user pool in cloudformation! I tried this attributes but it says not supported. SupportedIdentityProviders Here is my code for user pool client: UserPoolClient: Type: "AWS::Cognito::UserPoolClient" Properties: ClientName: !Sub ${project}-client ExplicitAuthFlows: - ADMIN_NO_SRP_AUTH - USER_PASSWORD_AUTH GenerateSecret: false UserPoolId: !Ref UserPool RefreshTokenValidity: 30

Enable / disable sections of a CloudFormation for CodePipeline using Conditionals: This creates a manual notification action once staging has been built and passed Runscope tests: - InputArtifacts: [] Name: !Join ["",[!Ref GitHubRepository, "-prd-approval"]] ActionTypeId: Category: Approval Owner: AWS Version: '1' Provider: Manual OutputArtifacts: [] Configuration: NotificationArn: !GetAtt ["SNSApprovalNotification", "Outputs.SNSTopicArn"] ExternalEntityLink: OutputTestUrl RunOrder: 3 How to enable/disable this like other CloudFormation resources with a Condition: . Action steps don't