-
Notifications
You must be signed in to change notification settings - Fork 3
Globals
The globals.hbs file contains information that is account wide and not specific to any particular project or stack. This includes such things as the account number, any IP address ranges you might have, what regions you use, and S3 buckets to store artifacts.
{
"AccountId": "1234567890",
"IPAddresses": {
"Office" : ["1.2.3.4/32", "2.3.4.5/24"],
"Github" : ["192.30.252.0/22"],
"MyHome" : ["9.8.7.6/32"]
},
"Regions": [
{ "Id": "us-east-1",
"AvailabilityZones": [ "a", "b", "d", "e" ],
"AMIs": {{{include 'blueprints/common/AMIs.us-east-1.json'}}},
"ArtifactsBucket": "my-artifacts-us-east-1"
},
{ "Id": "us-west-2",
"AvailabilityZones": [ "a", "b", "c" ],
"AMIs": {{{include 'blueprints/common/AMIs.us-west-2.json'}}},
"ArtifactsBucket": "my-artifacts-us-west-2"
}
]
}
This can be used in templates {{@root.AccountId}}to retrieve the id for the current AWS account.
"AlarmActions": ["arn:aws:sns:us-east-1:{{@root.AccountId}}:Alert_AWS_Admins"]
These are generally used for creating Security Groups. It allows you to change/add/remove IP addresses in one place and have all of your templates updated automatically.
{{#each @root.IPAddresses.Office}}
{ "IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "CidrIp": "{{this}}" },
{ "IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "{{this}}" },
{{/each}}
The best way to use AWS is to spread your stacks over multiple regions and in order to help you do this the regions section allows you to specify different properties for different regions.
Each AWS region has different availability zones and the ones that are available to use are different for different accounts.
This S3 bucket is where your completed templates and user-data file will be stored for each region.