AWS CloudFormation

This page documents deployments using the dpl v2. Please see our blog post for details. You can check previous dpl v1 documentation here.

Status
Known options
Environment variables
Securing secrets
Pull Requests
See also

Travis CI can automatically deploy files to AWS CloudFormation after a successful build.

For a minimal configuration, add the following to your .travis.yml:

deploy:
  provider: cloudformation
  access_key_id: <encrypted access_key_id>
  secret_access_key: <encrypted secret_access_key>
  template: <template>
  stack_name: <stack_name>
  edge: true # opt in to dpl v2

Status #

Support for deployments to AWS CloudFormation is stable.

Known options #

Use the following options to further configure the deployment.

`access_key_id`	AWS Access Key ID — required, secret, type: string
`secret_access_key`	AWS Secret Key — required, secret, type: string
`region`	AWS Region to deploy to — type: string, default: `us-east-1`
`template`	CloudFormation template file — required, type: string, note: can be either a local path or an S3 URL
`stack_name`	CloudFormation Stack Name. — required, type: string
`stack_name_prefix`	CloudFormation Stack Name Prefix. — type: string
`promote`	Deploy changes — type: boolean, default: `true`, note: otherwise a change set is created
`role_arn`	AWS Role ARN — type: string
`sts_assume_role`	AWS Role ARN for cross account deployments (assumed by travis using given AWS credentials). — type: string
`capabilities`	CloudFormation allowed capabilities — type: string or array of strings, known values: `CAPABILITY_IAM`, `CAPABILITY_NAMED_IAM`, `CAPABILITY_AUTO_EXPAND`, see: https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateStack.html
`wait`	Wait for CloutFormation to finish the stack creation and update — type: boolean, default: `true`
`wait_timeout`	How many seconds to wait for stack creation and update. — type: integer, default: `3600`
`create_timeout`	How many seconds to wait before the stack status becomes CREATE_FAILED — type: integer, default: `3600`, note: valid only when creating a stack
`parameters`	key=value pairs or ENV var names — type: string or array of strings
`output_file`	Path to output file to store CloudFormation outputs to — type: string

Shared options #

`cleanup`	Clean up build artifacts from the Git working directory before the deployment — type: boolean
`run`	Commands to execute after the deployment finished successfully — type: string or array of strings

Environment variables #

All options can be given as environment variables if prefixed with AWS_ or CLOUDFORMATION_.

For example, access_key_id can be given as

AWS_ACCESS_KEY_ID=<access_key_id> or
CLOUDFORMATION_ACCESS_KEY_ID=<access_key_id>

Securing secrets #

Secret option values should be given as either encrypted strings in your build configuration (.travis.yml file) or environment variables in your repository settings.

Environment variables can be set on the settings page of your repository, or using travis env set:

travis env set AWS_ACCESS_KEY_ID <access_key_id>

In order to encrypt option values when adding them to your .travis.yml file use travis encrypt:

travis encrypt <access_key_id>

Or use --add to directly add it to your .travis.yml file. Note that this command has to be run in your repository’s root directory:

travis encrypt --add deploy.access_key_id <access_key_id>

Pull Requests #

Note that pull request builds skip the deployment step altogether.