AWS::ElasticBeanstalk::Environment
The AWS::ElasticBeanstalk::Environment resource is an AWS Elastic Beanstalk resource type that specifies an Elastic Beanstalk environment.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::ElasticBeanstalk::Environment", "Properties" : { "ApplicationName" :String, "CNAMEPrefix" :String, "Description" :String, "EnvironmentName" :String, "OperationsRole" :String, "OptionSettings" :[ OptionSetting, ... ], "PlatformArn" :String, "SolutionStackName" :String, "Tags" :[ Tag, ... ], "TemplateName" :String, "Tier" :Tier, "VersionLabel" :String} }
YAML
Type: AWS::ElasticBeanstalk::Environment Properties: ApplicationName:StringCNAMEPrefix:StringDescription:StringEnvironmentName:StringOperationsRole:StringOptionSettings:- OptionSettingPlatformArn:StringSolutionStackName:StringTags:- TagTemplateName:StringTier:TierVersionLabel:String
Properties
ApplicationName-
The name of the application that is associated with this environment.
Required: Yes
Type: String
Minimum:
1Maximum:
100Update requires: Replacement
CNAMEPrefix-
If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name.
Required: No
Type: String
Minimum:
4Maximum:
63Update requires: Replacement
Description-
Your description for this environment.
Required: No
Type: String
Maximum:
200Update requires: No interruption
EnvironmentName-
A unique name for the environment.
Constraint: Must be from 4 to 40 characters in length. The name can contain only letters, numbers, and hyphens. It can't start or end with a hyphen. This name must be unique within a region in your account.
If you don't specify the
CNAMEPrefixparameter, the environment name becomes part of the CNAME, and therefore part of the visible URL for your application.If you don't specify an environment name, AWS CloudFormation generates a unique physical ID and uses that ID for the environment name. For more information, see Name Type.
Important
If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
Required: No
Type: String
Minimum:
4Maximum:
40Update requires: Replacement
OperationsRole-
Important
The operations role feature of AWS Elastic Beanstalk is in beta release and is subject to change.
The Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role. If specified, Elastic Beanstalk uses the operations role for permissions to downstream services during this call and during subsequent calls acting on this environment. To specify an operations role, you must have the
iam:PassRolepermission for the role.Required: No
Type: String
Minimum:
1Maximum:
256Update requires: No interruption
OptionSettings-
Key-value pairs defining configuration options for this environment, such as the instance type. These options override the values that are defined in the solution stack or the configuration template. If you remove any options during a stack update, the removed options retain their current values.
Required: No
Type: Array of OptionSetting
Update requires: No interruption
PlatformArn-
The Amazon Resource Name (ARN) of the custom platform to use with the environment. For more information, see Custom Platforms in the AWS Elastic Beanstalk Developer Guide.
Note
If you specify
PlatformArn, don't specifySolutionStackName.Required: No
Type: String
Update requires: No interruption
SolutionStackName-
The name of an Elastic Beanstalk solution stack (platform version) to use with the environment. If specified, Elastic Beanstalk sets the configuration values to the default values associated with the specified solution stack. For a list of current solution stacks, see Elastic Beanstalk Supported Platforms in the AWS Elastic Beanstalk Platforms guide.
Note
If you specify
SolutionStackName, don't specifyPlatformArnorTemplateName.Required: No
Type: String
Update requires: Replacement
-
Specifies the tags applied to resources in the environment.
Required: No
Type: Array of Tag
Update requires: No interruption
TemplateName-
The name of the Elastic Beanstalk configuration template to use with the environment.
Note
If you specify
TemplateName, then don't specifySolutionStackName.Required: No
Type: String
Minimum:
1Maximum:
100Update requires: No interruption
Tier-
Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.
Required: No
Type: Tier
Update requires: No interruption
VersionLabel-
The name of the application version to deploy.
Default: If not specified, Elastic Beanstalk attempts to deploy the sample application.
Required: No
Type: String
Minimum:
1Maximum:
100Update requires: No interruption
Return values
Ref
When the logical ID of this resource is provided to the Ref intrinsic function, Ref returns the resource name.
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
EndpointURL-
For load-balanced, autoscaling environments, the URL to the load balancer. For single-instance environments, the IP address of the instance.
Example load balancer URL:
awseb-myst-myen-132MQC4KRLAMD-1371280482---us-east-2---elb.amazonaws.com.rproxy.goskope.comExample instance IP address:
192.0.2.0
Examples
Simple Environment
JSON
{ "Type" : "AWS::ElasticBeanstalk::Environment", "Properties" : { "ApplicationName" : { "Ref" : "sampleApplication" }, "Description" : "AWS Elastic Beanstalk Environment running PHP Sample Application", "EnvironmentName" : "SamplePHPEnvironment", "TemplateName" : "DefaultConfiguration", "VersionLabel" : "Initial Version" } }
YAML
Type: AWS::ElasticBeanstalk::Environment Properties: ApplicationName: Ref: sampleApplication Description: "AWS Elastic Beanstalk Environment running PHP Sample Application" EnvironmentName: SamplePHPEnvironment TemplateName: DefaultConfiguration VersionLabel: "Initial Version"
Environment with Embedded Option Settings
JSON
{ "Type" : "AWS::ElasticBeanstalk::Environment", "Properties" : { "ApplicationName" : { "Ref" : "sampleApplication" }, "Description" : "AWS Elastic Beanstalk Environment running Python Sample Application", "EnvironmentName" : "SamplePythonEnvironment", "SolutionStackName" : "64bit Amazon Linux 2017.03 v2.5.0 running Python 2.7", "OptionSettings" : [ { "Namespace" : "aws:autoscaling:launchconfiguration", "OptionName" : "EC2KeyName", "Value" : { "Ref" : "KeyName" } } ], "VersionLabel" : "Initial Version" } }
YAML
Type: AWS::ElasticBeanstalk::Environment Properties: ApplicationName: Ref: sampleApplication Description: "AWS Elastic Beanstalk Environment running Python Sample Application" EnvironmentName: SamplePythonEnvironment SolutionStackName: "64bit Amazon Linux 2017.03 v2.5.0 running Python 2.7" OptionSettings: - Namespace: "aws:autoscaling:launchconfiguration" OptionName: EC2KeyName Value: Ref: KeyName VersionLabel: "Initial Version"
Custom or Supported Platform
The following example contains parameters that enable specifying
PlatformArn for a custom platform or SolutionStackName for a
supported platform when creating the stack.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "Elasticbeanstalk test template", "Parameters": { "BeanstalkService": { "Type": "String" }, "Ec2Service": { "Type": "String" }, "Partition":{ "Type": "String" }, "SolutionStackName": { "Type": "String" }, "PlatformArn": { "Type": "String" } }, "Resources": { "Application": { "Type": "AWS::ElasticBeanstalk::Application", "Properties": { "ApplicationName": "SampleBeanstalkApp", "Description": "AWS Elastic Beanstalk Python Sample Application" } }, "AppVersion": { "Type": "AWS::ElasticBeanstalk::ApplicationVersion", "Properties": { "ApplicationName": {"Ref" : "Application"}, "Description": "Version 1.0", "SourceBundle": { "S3Bucket": { "Fn::Join": ["-", [ "elasticbeanstalk-samples", { "Ref" : "AWS::Region" } ] ] }, "S3Key": "python-sample-20150402.zip" } } }, "Environment": { "Type": "AWS::ElasticBeanstalk::Environment", "Properties": { "ApplicationName": {"Ref": "Application"}, "Description": "AWS Elastic Beanstalk Environment running Python Sample Application", "PlatformArn": { "Ref" : "PlatformArn"}, "SolutionStackName": { "Ref": "SolutionStackName" }, "VersionLabel": {"Ref": "AppVersion"}, "OptionSettings": [ { "Namespace": "aws:autoscaling:launchconfiguration", "OptionName": "IamInstanceProfile", "Value": { "Ref": "InstanceProfile" } }, { "Namespace": "aws:elasticbeanstalk:environment", "OptionName": "ServiceRole", "Value": { "Ref": "ServiceRole" } } ] } }, "ServiceRole": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Sid": "", "Effect": "Allow", "Principal": { "Service": {"Ref": "BeanstalkService"} }, "Action": "sts:AssumeRole", "Condition": { "StringEquals": { "sts:ExternalId": "elasticbeanstalk" } } } ] }, "Policies": [ { "PolicyName": "root", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "elasticloadbalancing:DescribeInstanceHealth", "ec2:DescribeInstances", "ec2:DescribeInstanceStatus", "ec2:GetConsoleOutput", "ec2:AssociateAddress", "ec2:DescribeAddresses", "ec2:DescribeSecurityGroups", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeNotificationConfigurations" ], "Resource": [ "*" ] } ] } } ], "Path": "/" } }, "InstanceProfile": { "Type": "AWS::IAM::InstanceProfile", "Properties": { "Path": "/", "Roles": [ { "Ref": "InstanceProfileRole" } ] } }, "InstanceProfileRole": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ {"Ref": "Ec2Service"} ] }, "Action": [ "sts:AssumeRole" ] } ] }, "Policies": [ { "PolicyName": "root", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Sid": "BucketAccess", "Action": [ "s3:Get*", "s3:List*", "s3:PutObject" ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "Partition" }, ":s3:::elasticbeanstalk-*-", { "Ref": "AWS::AccountId" } ] ] }, { "Fn::Join": [ "", [ "arn:", { "Ref": "Partition" }, ":s3:::elasticbeanstalk-*-", { "Ref": "AWS::AccountId" }, "/*" ] ] }, { "Fn::Join": [ "", [ "arn:", { "Ref": "Partition" }, ":s3:::elasticbeanstalk-*-", { "Ref": "AWS::AccountId" }, "-*" ] ] }, { "Fn::Join": [ "", [ "arn:", { "Ref": "Partition" }, ":s3:::elasticbeanstalk-*-", { "Ref": "AWS::AccountId" }, "-*/*" ] ] } ] }, { "Sid": "ECSAccess", "Effect": "Allow", "Action": [ "ecs:StartTask", "ecs:StopTask", "ecs:RegisterContainerInstance", "ecs:DeregisterContainerInstance", "ecs:DescribeContainerInstances", "ecs:DiscoverPollEndpoint", "ecs:Submit*", "ecs:Poll" ], "Resource": "*" }, { "Sid": "QueueAccess", "Action": [ "sqs:ChangeMessageVisibility", "sqs:DeleteMessage", "sqs:ReceiveMessage", "sqs:SendMessage" ], "Effect": "Allow", "Resource": "*" }, { "Sid": "DynamoPeriodicTasks", "Action": [ "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:DeleteItem", "dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Query", "dynamodb:Scan", "dynamodb:UpdateItem" ], "Effect": "Allow", "Resource": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "Partition" }, ":dynamodb:*:", { "Ref": "AWS::AccountId" }, ":table/*-stack-AWSEBWorkerCronLeaderRegistry*" ] ] } ] }, { "Sid": "MetricsAccess", "Action": [ "cloudwatch:PutMetricData" ], "Effect": "Allow", "Resource": "*" } ] } } ], "Path": "/" } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Description: Elasticbeanstalk test template Parameters: BeanstalkService: Type: String Ec2Service: Type: String Partition: Type: String SolutionStackName: Type: String PlatformArn: Type: String Resources: Application: Type: AWS::ElasticBeanstalk::Application Properties: ApplicationName: SampleBeanstalkApp Description: AWS Elastic Beanstalk Python Sample Application AppVersion: Type: AWS::ElasticBeanstalk::ApplicationVersion Properties: ApplicationName: !Ref Application Description: Version 1.0 SourceBundle: S3Bucket: Fn::Join: - '-' - - 'elasticbeanstalk-samples' - !Ref 'AWS::Region' S3Key: python-sample-20150402.zip Environment: Type: AWS::ElasticBeanstalk::Environment Properties: ApplicationName: !Ref Application Description: AWS Elastic Beanstalk Environment running Python Sample Application PlatformArn: !Ref PlatformArn SolutionStackName: !Ref SolutionStackName VersionLabel: !Ref AppVersion OptionSettings: - Namespace: 'aws:autoscaling:launchconfiguration' OptionName: IamInstanceProfile Value: !Ref InstanceProfile - Namespace: 'aws:elasticbeanstalk:environment' OptionName: ServiceRole Value: !Ref ServiceRole ServiceRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Sid: '' Effect: Allow Principal: Service: !Ref BeanstalkService Action: 'sts:AssumeRole' Condition: StringEquals: 'sts:ExternalId': elasticbeanstalk Policies: - PolicyName: root PolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Action: - 'elasticloadbalancing:DescribeInstanceHealth' - 'ec2:DescribeInstances' - 'ec2:DescribeInstanceStatus' - 'ec2:GetConsoleOutput' - 'ec2:AssociateAddress' - 'ec2:DescribeAddresses' - 'ec2:DescribeSecurityGroups' - 'sqs:GetQueueAttributes' - 'sqs:GetQueueUrl' - 'autoscaling:DescribeAutoScalingGroups' - 'autoscaling:DescribeAutoScalingInstances' - 'autoscaling:DescribeScalingActivities' - 'autoscaling:DescribeNotificationConfigurations' Resource: - '*' Path: / InstanceProfile: Type: AWS::IAM::InstanceProfile Properties: Path: / Roles: - !Ref InstanceProfileRole InstanceProfileRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - !Ref Ec2Service Action: - 'sts:AssumeRole' Policies: - PolicyName: root PolicyDocument: Version: 2012-10-17 Statement: - Sid: BucketAccess Action: - 's3:Get*' - 's3:List*' - 's3:PutObject' Effect: Allow Resource: - !Join - '' - - 'arn:' - !Ref Partition - ':s3:::elasticbeanstalk-*-' - !Ref 'AWS::AccountId' - !Join - '' - - 'arn:' - !Ref Partition - ':s3:::elasticbeanstalk-*-' - !Ref 'AWS::AccountId' - /* - !Join - '' - - 'arn:' - !Ref Partition - ':s3:::elasticbeanstalk-*-' - !Ref 'AWS::AccountId' - '-*' - !Join - '' - - 'arn:' - !Ref Partition - ':s3:::elasticbeanstalk-*-' - !Ref 'AWS::AccountId' - '-*/*' - Sid: ECSAccess Effect: Allow Action: - 'ecs:StartTask' - 'ecs:StopTask' - 'ecs:RegisterContainerInstance' - 'ecs:DeregisterContainerInstance' - 'ecs:DescribeContainerInstances' - 'ecs:DiscoverPollEndpoint' - 'ecs:Submit*' - 'ecs:Poll' Resource: '*' - Sid: QueueAccess Action: - 'sqs:ChangeMessageVisibility' - 'sqs:DeleteMessage' - 'sqs:ReceiveMessage' - 'sqs:SendMessage' Effect: Allow Resource: '*' - Sid: DynamoPeriodicTasks Action: - 'dynamodb:BatchGetItem' - 'dynamodb:BatchWriteItem' - 'dynamodb:DeleteItem' - 'dynamodb:GetItem' - 'dynamodb:PutItem' - 'dynamodb:Query' - 'dynamodb:Scan' - 'dynamodb:UpdateItem' Effect: Allow Resource: - !Join - '' - - 'arn:' - !Ref Partition - ':dynamodb:*:' - !Ref 'AWS::AccountId' - ':table/*-stack-AWSEBWorkerCronLeaderRegistry*' - Sid: MetricsAccess Action: - 'cloudwatch:PutMetricData' Effect: Allow Resource: '*' Path: /
See also
-
Creating an AWS Elastic Beanstalk Environment in the AWS Elastic Beanstalk Developer Guide
-
Managing Environments in the AWS Elastic Beanstalk Developer Guide
-
For a complete Elastic Beanstalk sample template, see Elastic Beanstalk Template Snippets.
