AWS CloudFormation

This page documents deployments using the next major version, dpl v2, which is currently in a beta release phase. Please see our blog post for details. The current default version is dpl v1. Check dpl v1 documentation here.

Be sure to read the v2 deployment overview.

Travis CI can automatically deploy files to AWS CloudFormation after a successful build.

For a minimal configuration, add the following to your .travis.yml:

deploy:
  provider: cloudformation
  access_key_id: <encrypted access_key_id>
  secret_access_key: <encrypted secret_access_key>
  template: <template>
  stack_name: <stack_name>
  edge: true # opt in to dpl v2

Status

Support for deployments to AWS CloudFormation is stable.

Known options

Use the following options to further configure the deployment.

  • access_key_id: AWS Access Key ID — required, secret, type: string
  • secret_access_key: AWS Secret Key — required, secret, type: string
  • region: AWS Region to deploy to — type: string, default: us-east-1
  • template: CloudFormation template file — required, type: string, note: can be either a local path or an S3 URL
  • stack_name: CloudFormation Stack Name. — required, type: string
  • stack_name_prefix: CloudFormation Stack Name Prefix. — type: string
  • promote: Deploy changes — type: boolean, default: true, note: otherwise a change set is created
  • role_arn: AWS Role ARN — type: string
  • sts_assume_role: AWS Role ARN for cross account deployments (assumed by Travis using given AWS credentials). — type: string
  • capabilities: CloudFormation allowed capabilities — type: string or array of strings, known values: CAPABILITY_IAM, CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND, see: https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateStack.html
  • wait: Wait for CloudFormation to finish the stack creation and update — type: boolean, default: true
  • wait_timeout: How many seconds to wait for stack creation and update. — type: integer, default: 3600
  • create_timeout: How many seconds to wait before the stack status becomes CREATE_FAILED — type: integer, default: 3600, note: valid only when creating a stack
  • parameters: key=value pairs or ENV var names — type: string or array of strings
  • output_file: Path to output file to store CloudFormation outputs to — type: string

Shared options

  • cleanup: Clean up build artifacts from the Git working directory before the deployment — type: boolean
  • run: Commands to execute after the deployment finished successfully — type: string or array of strings

Environment variables

All options can be given as environment variables if prefixed with AWS_ or CLOUDFORMATION_.

For example, access_key_id can be given as

  • AWS_ACCESS_KEY_ID=<access_key_id> or
  • CLOUDFORMATION_ACCESS_KEY_ID=<access_key_id>

Securing secrets

Secret option values should be given as either encrypted strings in your build configuration (.travis.yml file) or environment variables in your repository settings.

Environment variables can be set on the settings page of your repository, or using travis env set:

travis env set AWS_ACCESS_KEY_ID <access_key_id>

In order to encrypt option values when adding them to your .travis.yml file use travis encrypt:

travis encrypt <access_key_id>

Or use --add to directly add it to your .travis.yml file. Note that this command has to be run in your repository’s root directory:

travis encrypt --add deploy.access_key_id <access_key_id>
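
The following configuration is an added example, not taken from the Travis CI documentation. It combines the options and the secrets handling described above so that no credential appears in .travis.yml and changes are staged as a change set. It assumes AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are set in the repository settings; values in <...> are placeholders, and the parameter names are constructed.

```yaml
# Added example (constructed). Values in <...> are placeholders.
# Assumption: AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are set in the
# repository settings (travis env set ...), so access_key_id and
# secret_access_key are not given in this file at all.
deploy:
  provider: cloudformation
  edge: true                    # opt in to dpl v2
  region: <region>              # defaults to us-east-1 when omitted
  template: <template>          # local path or S3 URL
  stack_name: <stack_name>
  sts_assume_role: <role_arn>   # role assumed using the credentials from the environment
  promote: false                # create a change set instead of deploying the changes
  capabilities:
    - CAPABILITY_IAM            # list only the capabilities the template needs
  parameters:
    - Environment=staging       # key=value pair (constructed name and value)
    - DB_PASSWORD               # ENV var name (constructed); value kept in repository settings
  wait_timeout: 900             # seconds; default is 3600
  output_file: <output_file>    # stack outputs are written here
```

With promote: false the build stops at the change set, which can be reviewed before it is applied to the stack.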

Pull Requests

Note that pull request builds skip the deployment step altogether.
