def handler(event, context): props = properties.load( event, { 'ConfigurationBucket': properties.String(), # Currently not used 'ConfigurationKey': properties.String( ), # Depend on unique upload id in key to force Cloud Formation to call handler 'RoleLogicalId': properties.String(), 'MetadataKey': properties.String(), 'PhysicalResourceId': properties.String(), 'UsePropagationDelay': properties.String(), 'RequireRoleExists': properties.String(default='true'), 'ResourceGroupStack': properties.String(default=''), 'DeploymentStack': properties.String(default='') }) if props.ResourceGroupStack is '' and props.DeploymentStack is '': raise ValidationError( 'A value for the ResourceGroupStack property or the DeploymentStack property must be provided.' ) if props.ResourceGroupStack is not '' and props.DeploymentStack is not '': raise ValidationError( 'A value for only the ResourceGroupStack property or the DeploymentStack property can be provided.' ) use_propagation_delay = props.UsePropagationDelay.lower() == 'true' data = {} stack_infos = [] if props.ResourceGroupStack is not '': resource_group_info = discovery_utils.ResourceGroupInfo( props.ResourceGroupStack) # create a list of stack-infos, starting at the resource group level and working our way upward stack_infos = _build_stack_infos_list(resource_group_info) else: # DeploymentStack deployment_info = discovery_utils.DeploymentInfo(props.DeploymentStack) # create a list of stack-infos, starting at the deployment level and working our way upward stack_infos = _build_stack_infos_list(deployment_info) # go through each of the stack infos, trying to find the specified role for stack_info in stack_infos: role = stack_info.get_resource(props.RoleLogicalId, expected_type='AWS::IAM::Role', optional=True) if role is not None: break role_physical_id = None if role is not None: role_physical_id = role.get('PhysicalResourceId', None) if role_physical_id is None: if props.RequireRoleExists.lower() == 'true': raise ValidationError('Could not find role \'{}\'.'.format( props.RoleLogicalId)) else: if type(stack_infos[0]) is discovery_utils.ResourceGroupInfo: _process_resource_group_stack(event['RequestType'], stack_infos[0], role_physical_id, props.MetadataKey, use_propagation_delay) else: for resource_group_info in stack_infos[0].get_resource_group_infos( ): _process_resource_group_stack(event['RequestType'], resource_group_info, role_physical_id, props.MetadataKey, use_propagation_delay) custom_resource_response.succeed(event, context, data, props.PhysicalResourceId)
def _process_deployment_stack(request_type, deployment_stack_arn): deployment_info = discovery_utils.DeploymentInfo(deployment_stack_arn) role_name = _find_player_role(deployment_info) if role_name is not None: for feature_info in deployment_info.get_feature_infos(): _process_feature_stack(request_type, feature_info, role_name)