giuseppe-trisciuoglio/developer-kit
Comprehensive developer toolkit providing reusable skills for Java/Spring Boot, TypeScript/NestJS/React/Next.js, Python, PHP, AWS CloudFormation, AI/RAG, DevOps, and more.
90
90%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Risky
Do not use without reviewing
SKILL.mdplugins/developer-kit-aws/skills/aws-cloudformation/aws-cloudformation-s3/
- name:
- aws-cloudformation-s3
- description:
- Provides AWS CloudFormation patterns for Amazon S3. Use when creating S3 buckets, policies, versioning, lifecycle rules, and implementing template structure with Parameters, Outputs, Mappings, Conditions, and cross-stack references.
- allowed-tools:
- Read, Write, Bash
AWS CloudFormation S3 Patterns
Provides S3 bucket configurations, policies, versioning, lifecycle rules, and CloudFormation template structure best practices for production-ready infrastructure.
When to Use
- Creating S3 buckets with custom configurations
- Implementing bucket policies for access control
- Configuring S3 versioning for data protection
- Setting up lifecycle rules for data management
- Creating Outputs for cross-stack references
- Using Parameters with AWS-specific types
- Organizing templates with Mappings and Conditions
Overview
S3 bucket configurations, policies, versioning, lifecycle rules, and CloudFormation template structure for production-ready infrastructure.
Instructions
- Define Bucket Resources: Create
AWS::S3::Bucketwith versioning, encryption, PublicAccessBlock - Configure Bucket Policy: Set up IAM policies for access control
- Set Up Lifecycle Rules: Define transitions and expiration policies
- Configure CORS: Allow cross-origin requests if needed
- Add Outputs: Export bucket names/ARNs for cross-stack references
Validate before deploy:
aws cloudformation validate-template --template-body file://template.yamlDeploy with rollback on failure:
aws cloudformation deploy \
--template-file template.yaml \
--stack-name my-s3-stack \
--capabilities CAPABILITY_IAMIf deployment fails, CloudFormation automatically rolls back. Check failures with:
aws cloudformation describe-stack-events --stack-name my-s3-stackQuick Reference
| Resource Type | Purpose |
|---|---|
AWS::S3::Bucket | Create S3 bucket |
AWS::S3::BucketPolicy | Set bucket-level policies |
AWS::S3::BucketReplication | Cross-region replication |
| Parameters | Input values for customization |
| Mappings | Static configuration tables |
| Conditions | Conditional resource creation |
| Outputs | Return values for cross-stack references |
Examples
Basic S3 Bucket
Resources:
DataBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: my-data-bucketBucket with Versioning and Encryption
DataBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub "${AWS::StackName}-data"
VersioningConfiguration:
Status: Enabled
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
PublicAccessBlockConfiguration:
BlockPublicAcls: true
BlockPublicPolicy: trueLifecycle Rule
DataBucket:
Type: AWS::S3::Bucket
Properties:
LifecycleConfiguration:
Rules:
- Id: ArchiveOldData
Status: Enabled
Transitions:
- StorageClass: GLACIER
TransitionInDays: 365Bucket Policy
BucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket: !Ref DataBucket
PolicyDocument:
Statement:
- Effect: Allow
Principal:
AWS: !Ref RoleArn
Action:
- s3:GetObject
Resource: !Sub "${DataBucket.Arn}/*"See references/complete-examples.md for more complete examples including CORS, static websites, replication, and production-ready configurations.
Template Structure
Template Sections
AWSTemplateFormatVersion: 2010-09-09
Description: Template description
Mappings: {} # Static configuration tables
Metadata: {} # Additional information
Parameters: {} # Input values
Conditions: {} # Conditional creation
Transform: {} # Macro processing
Resources: {} # AWS resources (REQUIRED)
Outputs: {} # Return valuesParameters
Parameters:
BucketName:
Type: String
Description: S3 bucket name
Default: my-bucket
MinLength: 3
MaxLength: 63
AllowedPattern: '^[a-z0-9-]+$'Conditions
Conditions:
IsProduction: !Equals [!Ref Environment, prod]
ShouldEnableVersioning: !Equals [!Ref EnableVersioning, 'true']
Resources:
DataBucket:
Type: AWS::S3::Bucket
Properties:
VersioningConfiguration:
Status: !If [ShouldEnableVersioning, Enabled, Suspended]Outputs
Outputs:
BucketName:
Description: Name of the S3 bucket
Value: !Ref DataBucket
Export:
Name: !Sub '${AWS::StackName}-BucketName'See references/advanced-configuration.md for detailed Mappings, Conditions, Parameters, and cross-stack references.
Best Practices
- Public Access Block: Always enable for non-static website buckets
- Versioning: Enable for critical data to prevent accidental deletion
- Bucket Policies: Use instead of ACLs for access control
- Lifecycle Rules: Implement cost optimization with tiering
- Encryption: Enable default encryption (SSE-KMS or AES256)
- Tags: Tag all resources for organization and cost allocation
- Outputs: Export bucket names/ARNs for cross-stack references
- Parameters: Use parameters for reusability across environments
Common Troubleshooting
Bucket already exists: Use unique bucket names with CloudFormation stack name Access denied: Verify bucket policy and IAM permissions Versioning conflicts: Cannot suspend versioning once objects exist Lifecycle not working: Check rule status and prefix filters Cross-stack references: Ensure outputs are exported before importing
Related Skills
- aws-cloudformation-security - Security best practices for S3
- aws-cloudformation-lambda - Lambda triggers for S3 events
- aws-cloudformation-iam - IAM roles for S3 access
References
Complete Examples
- references/complete-examples.md - Basic buckets, versioning, lifecycle, CORS, policies, production stacks, event notifications, static websites, replication
Advanced Configuration
- references/advanced-configuration.md - Parameters, Mappings, Conditions, Outputs, Metadata, DeletionPolicy, DependsOn, Transform
Constraints and Warnings
- Bucket names: Must be globally unique (across all AWS accounts)
- Versioning: Cannot be suspended once objects exist in bucket
- Lifecycle rules: Minimum 1 day for expiration, 0 days for transitions
- Bucket policies: Limited to 20 KB in size
- Public access: Blocked by default; requires explicit configuration
- CORS: Limited to 100 rules per bucket
- Replication: Versioning must be enabled on both source and destination
- Encryption: KMS keys must be in same region as bucket
- Tags: Maximum 50 tags per resource
- Stack limits: CloudFormation limits resources per stack (200 default)
docs
plugins
developer-kit-ai
developer-kit-aws
agents
docs
skills
aws
aws-cli-beast
aws-cost-optimization
aws-drawio-architecture-diagrams
aws-sam-bootstrap
aws-cloudformation
aws-cloudformation-auto-scaling
aws-cloudformation-bedrock
aws-cloudformation-cloudfront
aws-cloudformation-cloudwatch
aws-cloudformation-dynamodb
aws-cloudformation-ec2
aws-cloudformation-ecs
aws-cloudformation-elasticache
references
aws-cloudformation-iam
references
aws-cloudformation-lambda
aws-cloudformation-rds
aws-cloudformation-s3
aws-cloudformation-security
aws-cloudformation-task-ecs-deploy-gh
aws-cloudformation-vpc
references
developer-kit-core
agents
commands
skills
developer-kit-devops
developer-kit-java
agents
commands
docs
skills
aws-lambda-java-integration
aws-rds-spring-boot-integration
aws-sdk-java-v2-bedrock
aws-sdk-java-v2-core
aws-sdk-java-v2-dynamodb
aws-sdk-java-v2-kms
aws-sdk-java-v2-lambda
aws-sdk-java-v2-messaging
aws-sdk-java-v2-rds
aws-sdk-java-v2-s3
aws-sdk-java-v2-secrets-manager
clean-architecture
graalvm-native-image
langchain4j-ai-services-patterns
references
langchain4j-mcp-server-patterns
references
langchain4j-rag-implementation-patterns
references
langchain4j-spring-boot-integration
langchain4j-testing-strategies
langchain4j-tool-function-calling-patterns
langchain4j-vector-stores-configuration
references
qdrant
references
spring-ai-mcp-server-patterns
spring-boot-actuator
spring-boot-cache
spring-boot-crud-patterns
spring-boot-dependency-injection
spring-boot-event-driven-patterns
spring-boot-openapi-documentation
spring-boot-project-creator
spring-boot-resilience4j
spring-boot-rest-api-standards
spring-boot-saga-pattern
spring-boot-security-jwt
assets
references
scripts
spring-boot-test-patterns
spring-data-jpa
references
spring-data-neo4j
references
unit-test-application-events
unit-test-bean-validation
unit-test-boundary-conditions
unit-test-caching
unit-test-config-properties
references
unit-test-controller-layer
unit-test-exception-handler
references
unit-test-json-serialization
unit-test-mapper-converter
references
unit-test-parameterized
unit-test-scheduled-async
references
unit-test-service-layer
references
unit-test-utility-methods
unit-test-wiremock-rest-api
references
developer-kit-php
developer-kit-project-management
developer-kit-python
developer-kit-specs
commands
docs
hooks
test-templates
tests
skills
developer-kit-tools
developer-kit-typescript
agents
docs
hooks
rules
skills
aws-cdk
aws-lambda-typescript-integration
better-auth
clean-architecture
drizzle-orm-patterns
dynamodb-toolbox-patterns
references
nestjs
nestjs-best-practices
nestjs-code-review
nestjs-drizzle-crud-generator
nextjs-app-router
nextjs-authentication
nextjs-code-review
nextjs-data-fetching
nextjs-deployment
nextjs-performance
nx-monorepo
react-code-review
react-patterns
shadcn-ui
tailwind-css-patterns
tailwind-design-system
references
turborepo-monorepo
typescript-docs
typescript-security-review
zod-validation-utilities
references
github-spec-kit