def handler(event, context):
props = properties.load(
event,
{
'ConfigurationBucket': properties.String(), # Currently not used
'ConfigurationKey': properties.String(
), # Depend on unique upload id in key to force Cloud Formation to call handler
'RoleLogicalId': properties.String(),
'MetadataKey': properties.String(),
'PhysicalResourceId': properties.String(),
'UsePropagationDelay': properties.String(),
'RequireRoleExists': properties.String(default='true'),
'ResourceGroupStack': properties.String(default=''),
'DeploymentStack': properties.String(default='')
})
if props.ResourceGroupStack is '' and props.DeploymentStack is '':
raise ValidationError(
'A value for the ResourceGroupStack property or the DeploymentStack property must be provided.'
)
if props.ResourceGroupStack is not '' and props.DeploymentStack is not '':
raise ValidationError(
'A value for only the ResourceGroupStack property or the DeploymentStack property can be provided.'
)
use_propagation_delay = props.UsePropagationDelay.lower() == 'true'
data = {}
stack_infos = []
if props.ResourceGroupStack is not '':
resource_group_info = discovery_utils.ResourceGroupInfo(
props.ResourceGroupStack)
# create a list of stack-infos, starting at the resource group level and working our way upward
stack_infos = _build_stack_infos_list(resource_group_info)
else: # DeploymentStack
deployment_info = discovery_utils.DeploymentInfo(props.DeploymentStack)
# create a list of stack-infos, starting at the deployment level and working our way upward
stack_infos = _build_stack_infos_list(deployment_info)
# go through each of the stack infos, trying to find the specified role
for stack_info in stack_infos:
role = stack_info.get_resource(props.RoleLogicalId,
expected_type='AWS::IAM::Role',
optional=True)
if role is not None:
break
role_physical_id = None
if role is not None:
role_physical_id = role.get('PhysicalResourceId', None)
if role_physical_id is None:
if props.RequireRoleExists.lower() == 'true':
raise ValidationError('Could not find role \'{}\'.'.format(
props.RoleLogicalId))
else:
if type(stack_infos[0]) is discovery_utils.ResourceGroupInfo:
_process_resource_group_stack(event['RequestType'], stack_infos[0],
role_physical_id, props.MetadataKey,
use_propagation_delay)
else:
for resource_group_info in stack_infos[0].get_resource_group_infos(
):
_process_resource_group_stack(event['RequestType'],
resource_group_info,
role_physical_id,
props.MetadataKey,
use_propagation_delay)
custom_resource_response.succeed(event, context, data,
props.PhysicalResourceId)
def _process_deployment_stack(request_type, deployment_stack_arn):
deployment_info = discovery_utils.DeploymentInfo(deployment_stack_arn)
role_name = _find_player_role(deployment_info)
if role_name is not None:
for feature_info in deployment_info.get_feature_infos():
_process_feature_stack(request_type, feature_info, role_name)