fredead · July 15, 2016 07:54
diff --git a/Lambda stack CFN utils b/Lambda stack CFN utils
 {
    "Description": "lambda helper functions for stacks",
    "Outputs": {
        "LookupStackARN": {
            "Description": "Arn for lookup stack arn",
            "Value": {
                "Fn::GetAtt": [
                    "LookupStackOutputs",
                    "Arn"
                ]
            }
        },
        "SubscribeARN": {
            "Description": "ARN for subscribe lambda",
            "Value": {
                "Fn::GetAtt": [
                    "Subscribe",
                    "Arn"
                ]
            }
        }
    },
    "Resources": {
        "LambdaExecutionStackRole": {
            "Properties": {
                "AssumeRolePolicyDocument": {
                    "Statement": [
                        {
                            "Action": [
                                "sts:AssumeRole"
                            ],
                            "Effect": "Allow",
                            "Principal": {
                                "Service": [
                                    "lambda.amazonaws.com"
                                ]
                            }
                        }
                    ],
                    "Version": "2012-10-17"
                },
                "Path": "/",
                "Policies": [
                    {
                        "PolicyDocument": {
                            "Statement": [
                                {
                                    "Action": [
                                        "logs:CreateLogGroup",
                                        "logs:CreateLogStream",
                                        "logs:PutLogEvents"
                                    ],
                                    "Effect": "Allow",
                                    "Resource": "arn:aws:logs:*:*:*"
                                },
                                {
                                    "Action": [
                                        "cloudformation:DescribeStacks"
                                    ],
                                    "Effect": "Allow",
                                    "Resource": "*"
                                }
                            ],
                            "Version": "2012-10-17"
                        },
                        "PolicyName": "root"
                    }
                ]
            },
            "Type": "AWS::IAM::Role"
        },
        "LambdaSubExecutionRole": {
            "Properties": {
                "AssumeRolePolicyDocument": {
                    "Statement": [
                        {
                            "Action": [
                                "sts:AssumeRole"
                            ],
                            "Effect": "Allow",
                            "Principal": {
                                "Service": [
                                    "lambda.amazonaws.com"
                                ]
                            }
                        }
                    ],
                    "Version": "2012-10-17"
                },
                "Path": "/",
                "Policies": [
                    {
                        "PolicyDocument": {
                            "Statement": [
                                {
                                    "Action": [
                                        "logs:CreateLogGroup",
                                        "logs:CreateLogStream",
                                        "logs:PutLogEvents"
                                    ],
                                    "Effect": "Allow",
                                    "Resource": "arn:aws:logs:*:*:*"
                                },
                                {
                                    "Action": [
                                        "sns:Subscribe",
                                        "sns:Unsubscribe"
                                    ],
                                    "Effect": "Allow",
                                    "Resource": "*"
                                }
                            ],
                            "Version": "2012-10-17"
                        },
                        "PolicyName": "root"
                    }
                ]
            },
            "Type": "AWS::IAM::Role"
        },
        "LookupStackOutputs": {
            "Properties": {
                "Code": {
                    "ZipFile": {
                        "Fn::Join": [
                            "",
                            [
                                "var response = require('cfn-response');",
                                "exports.handler = function(event, context) {",
                                "    console.log('REQUEST RECEIVED:\\n', JSON.stringify(event));",
                                "    if (event.RequestType == 'Delete') {",
                                "        response.send(event, context, response.SUCCESS);",
                                "        return;",
                                "    }",
                                "    var stackName = event.ResourceProperties.StackName;",
                                "    var responseData = {};",
                                "    if (stackName) {",
                                "        var aws = require('aws-sdk');",
                                "        var cfn = new aws.CloudFormation();",
                                "        cfn.describeStacks({StackName: stackName}, function(err, data) {",
                                "            if (err) {",
                                "                responseData = {Error: 'DescribeStacks call failed'};",
                                "                console.log(responseData.Error + ':\\n', err);",
                                "                response.send(event, context, response.FAILED, responseData);",
                                "            }",
                                "            else {",
                                "                data.Stacks[0].Outputs.forEach(function(output) {",
                                "                    responseData[output.OutputKey] = output.OutputValue;",
                                "                });",
                                "                response.send(event, context, response.SUCCESS, responseData);",
                                "            }",
                                "        });",
                                "    } else {",
                                "        responseData = {Error: 'Stack name not specified'};",
                                "        console.log(responseData.Error);",
                                "        response.send(event, context, response.FAILED, responseData);",
                                "    }",
                                "};"
                            ]
                        ]
                    }
                },
                "Handler": "index.handler",
                "Role": {
                    "Fn::GetAtt": [
                        "LambdaExecutionStackRole",
                        "Arn"
                    ]
                },
                "Runtime": "nodejs",
                "Timeout": 40
            },
            "Type": "AWS::Lambda::Function"
        },
        "Subscribe": {
            "Properties": {
                "Code": {
                    "ZipFile": {
                        "Fn::Join": [
                            "",
                            [
                                "var response = require('cfn-response');",
                                "exports.handler = function(event, context) {",
                                "  console.log('REQUEST RECEIVED:\\n', JSON.stringify(event));",
                                "  var responseData = {};",
                                "  if (event.RequestType == 'Delete') {",
                                "    var subscriptionArn = event.PhysicalResourceId;",
                                "    var aws = require('aws-sdk');",
                                "    var sns = new aws.SNS();",
                                "    sns.unsubscribe({SubscriptionArn: subscriptionArn}, function(err, data) {",
                                "      if (err) {",
                                "          responseData = {Error: 'Failed to unsubscribe from SNS Topic'};",
                                "          response.send(event, context, response.FAILED, responseData);",
                                "      } else {",
                                "          response.send(event, context, response.SUCCESS, data, data.SubscriptionArn);",
                                "      }",
                                "    });",
                                "    return;",
                                "  }",
                                "  if (event.RequestType == 'Create' || event.RequestType == 'Update') {",
                                "    var topicArn = event.ResourceProperties.TopicArn;",
                                "    var endpoint = event.ResourceProperties.Endpoint;",
                                "    var protocol = event.ResourceProperties.Protocol;",
                                "    if (topicArn && endpoint && protocol) {",
                                "      var aws = require('aws-sdk');",
                                "      var sns = new aws.SNS();",
                                "      sns.subscribe({TopicArn: topicArn, Endpoint: endpoint, Protocol: protocol}, function(err, data) {",
                                "        if (err) {",
                                "          responseData = {Error: 'Failed to subscribe to SNS Topic'};",
                                "          console.log(responseData.Error + ':\\n', err);",
                                "          response.send(event, context, response.FAILED, responseData);",
                                "        } else {",
                                "          response.send(event, context, response.SUCCESS, data, data.SubscriptionArn);",
                                "        }",
                                "      });",
                                "    } else {",
                                "      responseData = {Error: 'Missing one of required arguments'};",
                                "      console.log(responseData.Error);",
                                "      response.send(event, context, response.FAILED, responseData);",
                                "    }",
                                "  }",
                                "};"
                            ]
                        ]
                    }
                },
                "Handler": "index.handler",
                "Role": {
                    "Fn::GetAtt": [
                        "LambdaSubExecutionRole",
                        "Arn"
                    ]
                },
                "Runtime": "nodejs",
                "Timeout": 40
            },
            "Type": "AWS::Lambda::Function"
        }
    }
 }
	{
	"Description": "lambda helper functions for stacks",
	"Outputs": {
	"LookupStackARN": {
	"Description": "Arn for lookup stack arn",
	"Value": {
	"Fn::GetAtt": [
	"LookupStackOutputs",
	"Arn"
	]
	}
	},
	"SubscribeARN": {
	"Description": "ARN for subscribe lambda",
	"Value": {
	"Fn::GetAtt": [
	"Subscribe",
	"Arn"
	]
	}
	}
	},
	"Resources": {
	"LambdaExecutionStackRole": {
	"Properties": {
	"AssumeRolePolicyDocument": {
	"Statement": [
	{
	"Action": [
	"sts:AssumeRole"
	],
	"Effect": "Allow",
	"Principal": {
	"Service": [
	"lambda.amazonaws.com"
	]
	}
	}
	],
	"Version": "2012-10-17"
	},
	"Path": "/",
	"Policies": [
	{
	"PolicyDocument": {
	"Statement": [
	{
	"Action": [
	"logs:CreateLogGroup",
	"logs:CreateLogStream",
	"logs:PutLogEvents"
	],
	"Effect": "Allow",
	"Resource": "arn:aws:logs:::*"
	},
	{
	"Action": [
	"cloudformation:DescribeStacks"
	],
	"Effect": "Allow",
	"Resource": "*"
	}
	],
	"Version": "2012-10-17"
	},
	"PolicyName": "root"
	}
	]
	},
	"Type": "AWS::IAM::Role"
	},
	"LambdaSubExecutionRole": {
	"Properties": {
	"AssumeRolePolicyDocument": {
	"Statement": [
	{
	"Action": [
	"sts:AssumeRole"
	],
	"Effect": "Allow",
	"Principal": {
	"Service": [
	"lambda.amazonaws.com"
	]
	}
	}
	],
	"Version": "2012-10-17"
	},
	"Path": "/",
	"Policies": [
	{
	"PolicyDocument": {
	"Statement": [
	{
	"Action": [
	"logs:CreateLogGroup",
	"logs:CreateLogStream",
	"logs:PutLogEvents"
	],
	"Effect": "Allow",
	"Resource": "arn:aws:logs:::*"
	},
	{
	"Action": [
	"sns:Subscribe",
	"sns:Unsubscribe"
	],
	"Effect": "Allow",
	"Resource": "*"
	}
	],
	"Version": "2012-10-17"
	},
	"PolicyName": "root"
	}
	]
	},
	"Type": "AWS::IAM::Role"
	},
	"LookupStackOutputs": {
	"Properties": {
	"Code": {
	"ZipFile": {
	"Fn::Join": [
	"",
	[
	"var response = require('cfn-response');",
	"exports.handler = function(event, context) {",
	" console.log('REQUEST RECEIVED:\\n', JSON.stringify(event));",
	" if (event.RequestType == 'Delete') {",
	" response.send(event, context, response.SUCCESS);",
	" return;",
	" }",
	" var stackName = event.ResourceProperties.StackName;",
	" var responseData = {};",
	" if (stackName) {",
	" var aws = require('aws-sdk');",
	" var cfn = new aws.CloudFormation();",
	" cfn.describeStacks({StackName: stackName}, function(err, data) {",
	" if (err) {",
	" responseData = {Error: 'DescribeStacks call failed'};",
	" console.log(responseData.Error + ':\\n', err);",
	" response.send(event, context, response.FAILED, responseData);",
	" }",
	" else {",
	" data.Stacks[0].Outputs.forEach(function(output) {",
	" responseData[output.OutputKey] = output.OutputValue;",
	" });",
	" response.send(event, context, response.SUCCESS, responseData);",
	" }",
	" });",
	" } else {",
	" responseData = {Error: 'Stack name not specified'};",
	" console.log(responseData.Error);",
	" response.send(event, context, response.FAILED, responseData);",
	" }",
	"};"
	]
	]
	}
	},
	"Handler": "index.handler",
	"Role": {
	"Fn::GetAtt": [
	"LambdaExecutionStackRole",
	"Arn"
	]
	},
	"Runtime": "nodejs",
	"Timeout": 40
	},
	"Type": "AWS::Lambda::Function"
	},
	"Subscribe": {
	"Properties": {
	"Code": {
	"ZipFile": {
	"Fn::Join": [
	"",
	[
	"var response = require('cfn-response');",
	"exports.handler = function(event, context) {",
	" console.log('REQUEST RECEIVED:\\n', JSON.stringify(event));",
	" var responseData = {};",
	" if (event.RequestType == 'Delete') {",
	" var subscriptionArn = event.PhysicalResourceId;",
	" var aws = require('aws-sdk');",
	" var sns = new aws.SNS();",
	" sns.unsubscribe({SubscriptionArn: subscriptionArn}, function(err, data) {",
	" if (err) {",
	" responseData = {Error: 'Failed to unsubscribe from SNS Topic'};",
	" response.send(event, context, response.FAILED, responseData);",
	" } else {",
	" response.send(event, context, response.SUCCESS, data, data.SubscriptionArn);",
	" }",
	" });",
	" return;",
	" }",
	" if (event.RequestType == 'Create' \|\| event.RequestType == 'Update') {",
	" var topicArn = event.ResourceProperties.TopicArn;",
	" var endpoint = event.ResourceProperties.Endpoint;",
	" var protocol = event.ResourceProperties.Protocol;",
	" if (topicArn && endpoint && protocol) {",
	" var aws = require('aws-sdk');",
	" var sns = new aws.SNS();",
	" sns.subscribe({TopicArn: topicArn, Endpoint: endpoint, Protocol: protocol}, function(err, data) {",
	" if (err) {",
	" responseData = {Error: 'Failed to subscribe to SNS Topic'};",
	" console.log(responseData.Error + ':\\n', err);",
	" response.send(event, context, response.FAILED, responseData);",
	" } else {",
	" response.send(event, context, response.SUCCESS, data, data.SubscriptionArn);",
	" }",
	" });",
	" } else {",
	" responseData = {Error: 'Missing one of required arguments'};",
	" console.log(responseData.Error);",
	" response.send(event, context, response.FAILED, responseData);",
	" }",
	" }",
	"};"
	]
	]
	}
	},
	"Handler": "index.handler",
	"Role": {
	"Fn::GetAtt": [
	"LambdaSubExecutionRole",
	"Arn"
	]
	},
	"Runtime": "nodejs",
	"Timeout": 40
	},
	"Type": "AWS::Lambda::Function"
	}
	}
	}