def get_resource_arn(self, stack_id, logical_resource_id):
cf = self.context.aws.client('cloudformation',
region=util.get_region_from_arn(stack_id))
try:
res = cf.describe_stack_resource(
StackName=stack_id, LogicalResourceId=logical_resource_id)
except ClientError as e:
if optional and e.response['Error']['Code'] == 'ValidationError':
return None
raise HandledError(
'Could not get the id for the {} resource from the {} stack.'.
format(logical_resource_id, stack_id), e)
resource_name = res['StackResourceDetail']['PhysicalResourceId']
resource_type = res['StackResourceDetail']['ResourceType']
return util.get_resource_arn(stack_id,
resource_type,
resource_name,
context=self.context)
def __get_mappings(context, deployment_name, exclusions, role, args=None):
mappings = {}
deployment_stack_id = context.config.get_deployment_stack_id(
deployment_name)
region = util.get_region_from_arn(deployment_stack_id)
account_id = util.get_account_id_from_arn(deployment_stack_id)
context.view.retrieving_mappings(deployment_name, deployment_stack_id,
role)
player_accessible_arns = __get_player_accessible_arns(
context, deployment_name, role, args)
resources = context.stack.describe_resources(deployment_stack_id,
recursive=True)
for logical_name, description in resources.iteritems():
if logical_name in exclusions:
continue
physical_resource_id = description.get('PhysicalResourceId')
if physical_resource_id:
if __is_user_pool_resource(description):
mappings[logical_name] = {
'PhysicalResourceId': physical_resource_id,
'ResourceType': description['ResourceType'],
'UserPoolClients': description[
'UserPoolClients'] # include client id / secret
}
else:
resource_arn = util.get_resource_arn(
description['StackId'],
description['ResourceType'],
physical_resource_id,
optional=True,
context=context)
if resource_arn and resource_arn in player_accessible_arns:
if __is_service_api_resource(description):
__add_service_api_mapping(context, logical_name,
description, mappings)
else:
mappings[logical_name] = {
'PhysicalResourceId': physical_resource_id,
'ResourceType': description['ResourceType']
}
k_exchange_token_handler_name = 'PlayerAccessTokenExchange'
if k_exchange_token_handler_name not in exclusions:
login_exchange_handler = context.stack.get_physical_resource_id(
context.config.project_stack_id, k_exchange_token_handler_name)
if login_exchange_handler != None:
mappings[k_exchange_token_handler_name] = {
'PhysicalResourceId': login_exchange_handler,
'ResourceType': 'AWS::Lambda::Function'
}
#now let's grab the player identity stuff and make sure we add it to the mappings.
access_stack_arn = context.config.get_deployment_access_stack_id(
deployment_name, True if args is not None and args.is_gui else False)
if access_stack_arn != None:
access_resources = context.stack.describe_resources(access_stack_arn,
recursive=True)
for logical_name, description in access_resources.iteritems():
if description['ResourceType'] == 'Custom::CognitoIdentityPool':
if logical_name in exclusions:
continue
mappings[logical_name] = {
'PhysicalResourceId': description['PhysicalResourceId'],
'ResourceType': description['ResourceType']
}
if 'region' not in exclusions:
mappings['region'] = {
'PhysicalResourceId': region,
'ResourceType': 'Configuration'
}
if 'account_id' not in exclusions:
mappings['account_id'] = {
'PhysicalResourceId': account_id,
'ResourceType': 'Configuration'
}
return mappings