I was looking for a CloudFormation template for S3 bucket replication between two buckets within the same account. I was able to create one myself, so I am answering this in case someone else is looking for it.
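Here is the CloudFormation template that creates the source bucket and the IAM role needed for replication, and sets up replication at the same time. The destination bucket is not created by this template: it must already exist and have versioning enabled, because S3 replication requires versioning on both buckets. Note also that the `BucketRole` resource references a condition named `IsProdSourceBucket`, but the template as shown has no `Conditions` section; add a matching definition or remove that line before deploying, otherwise the template will not validate.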
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Create bucket and setup replication",
"Parameters": {
"sourceBucketName": {
"Description": "Name for the source bucket",
"Type": "String"
},
"destinationBucketName": {
"Description": "Name for the destination bucket",
"Type": "String"
}
},
"Resources": {
"BucketRole": {
"Type": "AWS::IAM::Role",
"Condition": "IsProdSourceBucket",
"Properties": {
"Path": "/",
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Principal": {"Service": ["s3.amazonaws.com"]},
"Action": ["sts:AssumeRole"],
"Effect": "Allow"
}
]
},
"Policies": [
{
"PolicyName": "bucket-replication-permissions",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl"
],
"Resource": [
{"Fn::Sub": "arn:aws:s3:::${sourceBucketName}/*"}
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetReplicationConfiguration"
],
"Resource": [
{"Fn::Sub": "arn:aws:s3:::${sourceBucketName}"}
]
},
{
"Effect": "Allow",
"Action": [
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags",
"s3:GetObjectVersionTagging"
],
"Resource": {"Fn::Sub": "arn:aws:s3:::${destinationBucketName}/*"}
}
]
}
}
]
}
},
"BucketConfiguration": {
"Type": "AWS::S3::Bucket",
"DeletionPolicy": "Retain",
"Properties": {
"BucketName": {"Ref": "sourceBucketName"},
"VersioningConfiguration": {
"Status": "Enabled"
},
"ReplicationConfiguration": {
"Role" : { "Fn::GetAtt" : [ "BucketRole", "Arn" ] },
"Rules" : [{
"Destination" : {"Bucket": {"Fn::Sub": "arn:aws:s3:::${destinationBucketName}"}},
"Prefix" : "",
"Status" : "Enabled"
}]
}
}
}
},
"Outputs": {
"BucketConfiguration": {
"Description": "Optimizer configuration files.",
"Value": {"Ref": "BucketConfiguration"},
"Export": {"Name": "BucketConfiguration"}
},
"BucketConfigurationARN": {
"Description": "Optimizer configuration files.",
"Value": {"Fn::GetAtt": ["BucketConfiguration", "Arn"]},
"Export": {"Name": "BucketConfigurationARN"}
}
}
}
References:
https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-walkthrough1.html
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html