def handler(event, context):
props = properties.load(event, {
'ConfigurationBucket': properties.String(), # Currently not used
'ConfigurationKey': properties.String(), # Depend on unique upload id in key to force Cloud Formation to call handler
'FeatureStack': properties.String(default=''),
'DeploymentStack': properties.String(default='')})
if props.FeatureStack is '' and props.DeploymentStack is '':
raise ValidationError('A value for the FeatureStack property or the DeploymentStack property must be provided.')
if props.FeatureStack is not '' and props.DeploymentStack is not '':
raise ValidationError('A value for only the FeatureStack property or the DeploymentStack property can be provided.')
data = {}
physical_resource_id = 'CloudCanvas:PlayerAccess:{stack_name}'.format(
stack_name=discovery_utils.get_stack_name_from_stack_arn(event['StackId']))
if props.FeatureStack is not '':
feature_info = discovery_utils.FeatureInfo(props.FeatureStack)
# The PlayerAccess resources in feature stacks will be created before
# the deployment access stack, and the Player role, is created. In
# this case it is OK for us to do nothing and wait for the PlayerAccess
# resource defined by the deployment access stack to be created. It
# will initialize the role at athat time.
role_name = _find_player_role(feature_info.deployment)
if role_name is not None:
_process_feature_stack(event['RequestType'], feature_info, role_name)
else: # DeploymentStack
_process_deployment_stack(event['RequestType'], props.DeploymentStack)
custom_resource_response.succeed(event, context, data, physical_resource_id)
def handler(event, context):
props = properties.load(event, {
'ConfigurationBucket': properties.String(),
'ConfigurationKey': properties.String(),
'FunctionName': properties.String(),
'Settings': properties.Object( default={},
schema={
'*': properties.String()
}),
'Runtime': properties.String()
})
request_type = event['RequestType']
if request_type == 'Delete':
physical_resource_name = event['PhysicalResourceId']
resource_uuid = physical_resource_name.split(':')[4]
_delete_role(resource_uuid)
data = {}
else:
if request_type == 'Create':
resource_uuid = uuid4()
physical_resource_name = 'CloudCanvas:LambdaConfiguration:{stack_name}:{function_name}:{uuid}'.format(
stack_name=discovery_utils.get_stack_name_from_stack_arn(event['StackId']),
function_name=props.FunctionName,
uuid=resource_uuid)
role_arn = _create_role(event['StackId'], props.FunctionName, resource_uuid)
else: # Update
physical_resource_name = event['PhysicalResourceId']
resource_uuid = physical_resource_name.split(':')[4]
role_arn = _update_role(event['StackId'], props.FunctionName, resource_uuid)
output_key = '{}/feature-code.zip'.format(props.ConfigurationKey)
output_key = _inject_settings(props.Settings.__dict__, props.Runtime, props.ConfigurationBucket, output_key, props.FunctionName)
data = {
'ConfigurationBucket': props.ConfigurationBucket,
'ConfigurationKey': output_key,
'Runtime': props.Runtime,
'Role': role_arn
}
custom_resource_response.succeed(event, context, data, physical_resource_name)
def properties():
"Properties"
if 'username' not in session: return goto_login(fname(), fparms())
if request.method == 'POST':
props.save(request.form)
flash('Properties saved. <span class="halflink" onclick="document.getElementById(\'restartform\').submit();">Restart</span> the server to apply your changes.', 'success')
return redirect(url_for('properties'))
sproperties = []
serverprops = props.load()
for item in props.tpl:
item['value'] = serverprops.get(item['key'], item['default'])
sproperties.append(item)
return render_template('properties.html', navigation=get_navi(fname()), properties=sproperties)
def __init__(self, initial_name, shared_path="/tmp/mark2"):
self.socket_to = lambda n: os.path.join(shared_path, n + ".sock")
self.socket_from = lambda p: os.path.splitext(os.path.basename(p))[0]
self.client = None
self.stats = {}
self.system_users = SystemUsers()
# read the config
self.config = properties.load(
properties.ClientProperties,
open_resource("resources/mark2rc.default.properties"),
os.path.expanduser("~/.mark2rc.properties"),
)
assert not self.config is None
self.stats_template = Template(self.config["stats"])
# start apps
self.apps = []
# start ui
self.ui = UI(
self.config.get_palette(),
self.get_players,
self.run_command,
self.switch_server,
self.connect_to_server,
self.config.get_player_actions(),
self.config.get_player_reasons(),
)
for name, command in self.config.get_apps():
app = App(name, self.config.get_interval("apps"), self.app_update, self.config["stats.app_shell"], command)
self.apps.append(app)
# tasks
t = LoopingCall(self.update_servers)
t.start(self.config.get_interval("servers"))
t = LoopingCall(self.update_users)
t.start(self.config.get_interval("users"))
t = LoopingCall(self.update_players)
t.start(self.config.get_interval("players"))
t = LoopingCall(self.update_stats)
t.start(self.config.get_interval("stats"))
self.connect_to_server(initial_name)
def handler(event, context):
props = properties.load(event, {
'ConfigurationBucket': properties.String(),
'ConfigurationKey': properties.String(),
'DeploymentName': properties.String()})
data = {
'ConfigurationBucket': props.ConfigurationBucket,
'ConfigurationKey': '{}/deployment/{}'.format(props.ConfigurationKey, props.DeploymentName),
'DeploymentTemplateURL': 'https://s3.amazonaws.com/{}/{}/deployment/{}/deployment-template.json'.format(props.ConfigurationBucket, props.ConfigurationKey, props.DeploymentName),
'AccessTemplateURL': 'https://s3.amazonaws.com/{}/{}/deployment-access-template-{}.json'.format(props.ConfigurationBucket, props.ConfigurationKey, props.DeploymentName),
'DeploymentName': props.DeploymentName
}
physical_resource_id = 'CloudCanvas:DeploymentConfiguration:{}:{}'.format(discovery_utils.get_stack_name_from_stack_arn(event['StackId']), props.DeploymentName)
custom_resource_response.succeed(event, context, data, physical_resource_id)
def handler(event, context):
props = properties.load(event, {
'ConfigurationBucket': properties.String(),
'ConfigurationKey': properties.String(),
'FeatureName': properties.String()})
data = {
'ConfigurationBucket': props.ConfigurationBucket,
'ConfigurationKey': '{}/feature/{}'.format(props.ConfigurationKey, props.FeatureName),
'TemplateURL': 'https://s3.amazonaws.com/{}/{}/feature/{}/feature-template.json'.format(props.ConfigurationBucket, props.ConfigurationKey, props.FeatureName)
}
physical_resource_id = 'CloudCanvas:LambdaConfiguration:{stack_name}:{feature_name}'.format(
stack_name=discovery_utils.get_stack_name_from_stack_arn(event['StackId']),
feature_name=props.FeatureName)
custom_resource_response.succeed(event, context, data, physical_resource_id)
def handler(event, context):
if event['RequestType'] != 'Create':
return custom_resource_response.succeed(event, context, {}, "PopulateTables")
props = properties.load(event, {
'AchievementsTable': properties.String(),
'DailyGiftTable': properties.String(),
'ItemTable': properties.String(),
'MessageOfTheDayTable': properties.String(),
'MissionTable': properties.String(),
'GameDataLUTable' : properties.String()
})
achievementsTable = dynamodb.Table(props.AchievementsTable)
dailyGiftTable = dynamodb.Table(props.DailyGiftTable)
itemTable = dynamodb.Table(props.ItemTable)
messageOfTheDayTable = dynamodb.Table(props.MessageOfTheDayTable)
missionTable = dynamodb.Table(props.MissionTable)
gameDataLUTable = dynamodb.Table(props.GameDataLUTable)
achievement = {
"CompletionCriteria": "player.LastScore > 300",
"Description": "You survived for 300 seconds!",
"ItemReward": "FancyShip",
"Name": "300SecondSurvival"
}
achievementsTable.put_item(Item=achievement)
dailyGift = {
"Date": "12-06-2015",
"EndDate": "infinity",
"Gifts": [
{
"Name": "ShieldMission",
"Type": "mission"
}
]
}
dailyGiftTable.put_item(Item=dailyGift)
shieldItem = {
"Name" : "Shield",
"Persist" : False
}
fancyShipItem = {
"Name" : "FancyShip",
"Persist" : True
}
itemTable.put_item(Item=shieldItem)
itemTable.put_item(Item=fancyShipItem)
messageOfTheDay = {
"Date": "12-06-2015",
"EndDate": "infinity",
"Message": "Message of the Day!"
}
messageOfTheDayTable.put_item(Item=messageOfTheDay)
mission = {
"CompletionText": "You completed the Shield Mission!",
"Description": "Complete 1 game to get the Shield!",
"ItemReward": "Shield",
"Name": "ShieldMission",
"NumberOfGamesReq": 1
}
missionTable.put_item(Item=mission)
dailyGiftCached = {
"CachedItem": {
"Date": "12-06-2015",
"EndDate": "infinity",
"Gifts": [
{
"Name": "ShieldMission",
"Type": "mission"
}
]
},
"CachedItemName": "TodaysGift"
}
messageOfTheDayCached = {
"CachedItem": {
"Date": "12-06-2015",
"EndDate": "infinity",
"Message": "Message of the Day!"
},
"CachedItemName": "TodaysMessage"
}
gameDataLUTable.put_item(Item=dailyGiftCached)
gameDataLUTable.put_item(Item=messageOfTheDayCached)
custom_resource_response.succeed(event, context, {}, "PopulateTables")
def startServiceReal(self):
#start event dispatcher
self.events = events.EventDispatcher(self.handle_dispatch_error)
#add some handlers
self.events.register(self.handle_cmd_help, events.Hook, public=True, name="help", doc="displays this message")
self.events.register(self.handle_cmd_events, events.Hook, public=True, name="events", doc="lists events")
self.events.register(self.handle_cmd_plugins, events.Hook, public=True, name="plugins", doc="lists running plugins")
self.events.register(self.handle_cmd_reload_plugin, events.Hook, public=True, name="reload-plugin", doc="reload a plugin")
self.events.register(self.handle_cmd_reload, events.Hook, public=True, name="reload", doc="reload config and all plugins")
self.events.register(self.handle_console, events.Console)
self.events.register(self.handle_fatal, events.FatalError)
self.events.register(self.handle_server_started,events.ServerStarted)
self.events.register(self.handle_user_attach, events.UserAttach)
self.events.register(self.handle_user_detach, events.UserDetach)
self.events.register(self.handle_user_input, events.UserInput)
self.events.register(self.handle_player_join, events.PlayerJoin)
self.events.register(self.handle_player_quit, events.PlayerQuit)
self.events.register(self.handle_server_stopped,events.ServerStopped)
self.console("mark2 starting...")
#change to server directory
os.chdir(self.server_path)
#load config
self.config = properties.load(properties.Mark2Properties,
os.path.join(MARK2_BASE, 'resources', 'mark2.default.properties'),
os.path.join(MARK2_BASE, 'config', 'mark2.properties'),
'mark2.properties')
if self.config is None:
return self.fatal_error(reason="couldn't find mark2.properties")
#chmod log and pid
for ext in ('log', 'pid'):
os.chmod(os.path.join(self.shared_path, "%s.%s" % (self.server_name, ext)), self.config.get_umask(ext))
#find jar file
if self.jar_file is None:
self.jar_file = process.find_jar(
self.config['mark2.jar_path'].split(';'),
self.jar_file)
if self.jar_file is None:
return self.fatal_error("Couldn't find server jar!")
#load lang
self.lang = properties.load_jar(self.jar_file, 'lang/en_US.lang')
if self.lang is None:
return self.fatal_error(reason="couldn't load lang!")
for name, pattern in self.lang.get_deaths():
self.events.register(lambda e, cause=name: self.events.dispatch(events.PlayerDeath(text=e.data, cause=cause, **e.match.groupdict())), events.ServerOutput, pattern=pattern)
#load server.properties
self.properties = properties.load(properties.Mark2Properties, os.path.join(MARK2_BASE, 'resources', 'server.default.properties'), 'server.properties')
if self.properties is None:
return self.fatal_error(reason="couldn't find server.properties")
#register chat handlers
for key, e_ty in (
('join', events.PlayerJoin),
('quit', events.PlayerQuit),
('chat', events.PlayerChat)):
self.events.register(lambda e, e_ty=e_ty: self.events.dispatch(e_ty(**e.match.groupdict())), events.ServerOutput, pattern=self.config['mark2.regex.'+key])
#start services
if self.config['mark2.service.ping.enabled']:
self.addService(ping.Ping(
self,
self.properties['server_ip'],
self.properties['server_port'],
self.config['mark2.service.query.interval']))
if self.config['mark2.service.query.enabled'] and self.properties['enable_query']:
self.addService(query.Query(
self,
self.config['mark2.service.query.interval'],
self.properties['server_ip'],
self.properties['query.port']))
self.addService(process.Process(self, self.jar_file))
self.addService(user_server.UserServer(self, os.path.join(self.shared_path, "%s.sock" % self.server_name)))
#load plugins
self.plugins = plugins.PluginManager(self)
self.load_plugins()
#start the server
self.events.dispatch(events.ServerStart())
def handler(event, context):
props = properties.load(event, {
'ConfigurationBucket': properties.String(),
'ConfigurationKey': properties.String(), ##this is only here to force the resource handler to execute on each update to the deployment
'IdentityPoolName': properties.String(),
'UseAuthSettingsObject': properties.String(),
'AllowUnauthenticatedIdentities': properties.String(),
'Roles': properties.Object( default={},
schema={
'*': properties.String()
}),
})
#give the identity pool a unique name per stack
stack_name = discovery_utils.get_stack_name_from_stack_arn(event['StackId'])
identity_pool_name = props.IdentityPoolName + stack_name
identity_pool_name = identity_pool_name.replace('-', ' ')
cognito_client = boto3.client('cognito-identity')
found_pool = _find_identity_pool(cognito_client, identity_pool_name)
identity_pool_id = None
request_type = event['RequestType']
if request_type == 'Delete':
if found_pool != None:
identity_pool_id = found_pool['IdentityPoolId']
cognito_client.delete_identity_pool(IdentityPoolId=identity_pool_id)
data = {}
else:
use_auth_settings_object = props.UseAuthSettingsObject.lower() == 'true'
supported_login_providers = {}
if use_auth_settings_object == True:
#download the auth settings from s3
player_access_key = 'player-access/auth-settings.json'
auth_doc = json.loads(_load_doc_from_s3(props.ConfigurationBucket, player_access_key))
#if the doc has entries add them to the supported_login_providers dictionary
if len(auth_doc) > 0:
for key, value in auth_doc.iteritems():
supported_login_providers[value['provider_uri']] = value['app_id']
allow_anonymous = props.AllowUnauthenticatedIdentities.lower() == 'true'
#if the pool exists just update it, otherwise create a new one
if found_pool != None:
response = cognito_client.update_identity_pool(IdentityPoolId=found_pool['IdentityPoolId'], IdentityPoolName=identity_pool_name, AllowUnauthenticatedIdentities=allow_anonymous,
SupportedLoginProviders=supported_login_providers)
identity_pool_id=found_pool['IdentityPoolId']
else:
response = cognito_client.create_identity_pool(IdentityPoolName = identity_pool_name, AllowUnauthenticatedIdentities=allow_anonymous,
SupportedLoginProviders=supported_login_providers)
identity_pool_id=response['IdentityPoolId']
#now update the roles for the pool
cognito_client.set_identity_pool_roles(IdentityPoolId=identity_pool_id, Roles=props.Roles.__dict__)
data = {
'IdentityPoolName': identity_pool_name,
'IdentityPoolId': identity_pool_id
}
physical_resource_id = identity_pool_id
custom_resource_response.succeed(event, context, data, physical_resource_id)
def handler(event, context):
props = properties.load(
event, {
'ConfigurationBucket':
properties.String(),
'ConfigurationKey':
properties.String(),
'FunctionName':
properties.String(),
'Settings':
properties.Object(default={}, schema={'*': properties.String()}),
'Runtime':
properties.String()
})
request_type = event['RequestType']
stack_arn = event['StackId']
logical_role_name = event['LogicalResourceId']
physical_resource_name = event.get('PhysicalResourceId',
None) # None when create request
if request_type == 'Delete':
role_utils.delete_role(stack_arn, logical_role_name, POLICY_NAME)
data = {}
else:
policy_metadata_filter = lambda entry: _policy_metadata_filter(
entry, props.FunctionName)
if request_type == 'Create':
physical_resource_name = discovery_utils.get_stack_name_from_stack_arn(
stack_arn) + '-' + event['LogicalResourceId']
assume_role_service = 'lambda.amazonaws.com'
role_arn = role_utils.create_role(stack_arn, logical_role_name,
POLICY_NAME, assume_role_service,
DEFAULT_POLICY_STATEMENTS,
policy_metadata_filter)
elif request_type == 'Update':
role_arn = role_utils.update_role(stack_arn, logical_role_name,
POLICY_NAME,
DEFAULT_POLICY_STATEMENTS,
policy_metadata_filter)
else:
raise ValidationError(
'Unexpected request type: {}'.format(request_type))
input_key = '{}/lambda-function-code.zip'.format(
props.ConfigurationKey)
output_key = _inject_settings(props.Settings.__dict__, props.Runtime,
props.ConfigurationBucket, input_key,
props.FunctionName)
data = {
'ConfigurationBucket': props.ConfigurationBucket,
'ConfigurationKey': output_key,
'Runtime': props.Runtime,
'Role': role_arn
}
custom_resource_response.succeed(event, context, data,
physical_resource_name)
def load_plugins(self):
self.config = properties.load(properties.Mark2Properties, os.path.join(MARK2_BASE, 'config', 'mark2.properties'), 'mark2.properties')
self.plugins.config = self.config
self.plugins.load_all()
def handler(event, context):
props = properties.load(event, {
'ConfigurationBucket': properties.String(),
'ConfigurationKey': properties.String(), ##this is only here to force the resource handler to execute on each update to the deployment
'IdentityPoolName': properties.String(),
'UseAuthSettingsObject': properties.String(),
'AllowUnauthenticatedIdentities': properties.String(),
'Roles': properties.Object( default={},
schema={
'*': properties.String()
}),
})
#give the identity pool a unique name per stack
stack_name = discovery_utils.get_stack_name_from_stack_arn(event['StackId'])
identity_pool_name = props.IdentityPoolName + stack_name
identity_pool_name = identity_pool_name.replace('-', ' ')
cognito_client = boto3.client('cognito-identity')
found_pool = _find_identity_pool(cognito_client, identity_pool_name)
identity_pool_id = None
request_type = event['RequestType']
if request_type == 'Delete':
if found_pool != None:
identity_pool_id = found_pool['IdentityPoolId']
cognito_client.delete_identity_pool(IdentityPoolId=identity_pool_id)
data = {}
else:
use_auth_settings_object = props.UseAuthSettingsObject.lower() == 'true'
supported_login_providers = {}
if use_auth_settings_object == True:
#download the auth settings from s3
player_access_key = 'player-access/auth-settings.json'
auth_doc = json.loads(_load_doc_from_s3(props.ConfigurationBucket, player_access_key))
#if the doc has entries add them to the supported_login_providers dictionary
if len(auth_doc) > 0:
for key, value in auth_doc.iteritems():
supported_login_providers[value['provider_uri']] = value['app_id']
allow_anonymous = props.AllowUnauthenticatedIdentities.lower() == 'true'
#if the pool exists just update it, otherwise create a new one
if found_pool != None:
response = cognito_client.update_identity_pool(IdentityPoolId=found_pool['IdentityPoolId'], IdentityPoolName=identity_pool_name, AllowUnauthenticatedIdentities=allow_anonymous,
SupportedLoginProviders=supported_login_providers)
identity_pool_id=found_pool['IdentityPoolId']
else:
response = cognito_client.create_identity_pool(IdentityPoolName = identity_pool_name, AllowUnauthenticatedIdentities=allow_anonymous,
SupportedLoginProviders=supported_login_providers)
identity_pool_id=response['IdentityPoolId']
#now update the roles for the pool
cognito_client.set_identity_pool_roles(IdentityPoolId=identity_pool_id, Roles=props.Roles.__dict__)
data = {
'IdentityPoolName': identity_pool_name,
'IdentityPoolId': identity_pool_id
}
physical_resource_id = identity_pool_id
custom_resource_response.succeed(event, context, data, physical_resource_id)
def handler(event, context):
props = properties.load(
event, {
'ConfigurationBucket':
properties.String(),
'ConfigurationKey':
properties.String(),
'FunctionName':
properties.String(),
'Settings':
properties.Object(default={}, schema={'*': properties.String()}),
'Runtime':
properties.String()
})
request_type = event['RequestType']
if request_type == 'Delete':
physical_resource_name = event['PhysicalResourceId']
resource_uuid = physical_resource_name.split(':')[4]
_delete_role(resource_uuid)
data = {}
else:
if request_type == 'Create':
resource_uuid = uuid4()
physical_resource_name = 'CloudCanvas:LambdaConfiguration:{stack_name}:{function_name}:{uuid}'.format(
stack_name=discovery_utils.get_stack_name_from_stack_arn(
event['StackId']),
function_name=props.FunctionName,
uuid=resource_uuid)
role_arn = _create_role(event['StackId'], props.FunctionName,
resource_uuid)
else: # Update
physical_resource_name = event['PhysicalResourceId']
resource_uuid = physical_resource_name.split(':')[4]
role_arn = _update_role(event['StackId'], props.FunctionName,
resource_uuid)
output_key = '{}/feature-code.zip'.format(props.ConfigurationKey)
output_key = _inject_settings(props.Settings.__dict__, props.Runtime,
props.ConfigurationBucket, output_key,
props.FunctionName)
data = {
'ConfigurationBucket': props.ConfigurationBucket,
'ConfigurationKey': output_key,
'Runtime': props.Runtime,
'Role': role_arn
}
custom_resource_response.succeed(event, context, data,
physical_resource_name)
def handler(event, context):
props = properties.load(
event, {
'ConfigurationBucket':
properties.String(),
'ConfigurationKey':
properties.String(),
'FunctionName':
properties.String(),
'Settings':
properties.Object(default={}, schema={'*': properties.String()}),
'Runtime':
properties.String()
})
request_type = event['RequestType']
stack_arn = event['StackId']
logical_role_name = props.FunctionName
id_data = aws_utils.get_data_from_custom_physical_resource_id(
event.get('PhysicalResourceId', None))
if request_type == 'Delete':
role_utils.delete_access_control_role(id_data, logical_role_name)
response_data = {}
else:
if request_type == 'Create':
project_service_lambda_arn = _get_project_service_lambda_arn(
stack_arn)
assume_role_service = 'lambda.amazonaws.com'
role_arn = role_utils.create_access_control_role(
id_data,
stack_arn,
logical_role_name,
assume_role_service,
default_policy=get_default_policy(project_service_lambda_arn))
elif request_type == 'Update':
role_arn = role_utils.get_access_control_role_arn(
id_data, logical_role_name)
else:
raise RuntimeError(
'Unexpected request type: {}'.format(request_type))
_add_built_in_settings(props.Settings.__dict__, stack_arn)
# Check if we have a folder just for this function, if not use the default
input_key = _get_input_key(props)
output_key = _inject_settings(props.Settings.__dict__, props.Runtime,
props.ConfigurationBucket, input_key,
props.FunctionName)
response_data = {
'ConfigurationBucket':
props.ConfigurationBucket,
'ConfigurationKey':
output_key,
'Runtime':
props.Runtime,
'Role':
role_arn,
'RoleName':
role_utils.get_access_control_role_name(stack_arn,
logical_role_name)
}
physical_resource_id = aws_utils.construct_custom_physical_resource_id_with_data(
stack_arn, event['LogicalResourceId'], id_data)
custom_resource_response.succeed(event, context, response_data,
physical_resource_id)
def handler(event, context):
props = properties.load(event, {
'ConfigurationBucket': properties.String(),
'ConfigurationKey': properties.String(), ##this is only here to force the resource handler to execute on each update to the deployment
'IdentityPoolName': properties.String(),
'UseAuthSettingsObject': properties.String(),
'AllowUnauthenticatedIdentities': properties.String(),
'DeveloperProviderName': properties.String(default=''),
'Roles': properties.Object( default={},
schema={
'*': properties.String()
}),
'RoleMappings': properties.Object(default={},
schema={
'Cognito': properties.Object(default={}, schema={
'Type': properties.String(''),
'AmbiguousRoleResolution': properties.String('')
})
}
)
})
#give the identity pool a unique name per stack
stack_name = aws_utils.get_stack_name_from_stack_arn(event['StackId'])
identity_pool_name = stack_name+props.IdentityPoolName
identity_pool_name = identity_pool_name.replace('-', ' ')
identity_client = identity_pool.get_identity_client()
identity_pool_id = event.get('PhysicalResourceId')
found_pool = identity_pool.get_identity_pool(identity_pool_id)
request_type = event['RequestType']
if request_type == 'Delete':
if found_pool != None:
identity_client.delete_identity_pool(IdentityPoolId=identity_pool_id)
data = {}
else:
use_auth_settings_object = props.UseAuthSettingsObject.lower() == 'true'
supported_login_providers = {}
if use_auth_settings_object == True:
#download the auth settings from s3
player_access_key = 'player-access/'+constant.AUTH_SETTINGS_FILENAME
auth_doc = json.loads(_load_doc_from_s3(props.ConfigurationBucket, player_access_key))
#if the doc has entries add them to the supported_login_providers dictionary
if len(auth_doc) > 0:
for key, value in auth_doc.iteritems():
supported_login_providers[value['provider_uri']] = value['app_id']
cognito_identity_providers = identity_pool.get_cognito_identity_providers(event['StackId'], event['LogicalResourceId'])
print 'Identity Providers: ', cognito_identity_providers
allow_anonymous = props.AllowUnauthenticatedIdentities.lower() == 'true'
#if the pool exists just update it, otherwise create a new one
args = {
'IdentityPoolName': identity_pool_name,
'AllowUnauthenticatedIdentities': allow_anonymous,
'SupportedLoginProviders': supported_login_providers,
'CognitoIdentityProviders': cognito_identity_providers
}
if props.DeveloperProviderName:
args['DeveloperProviderName'] = props.DeveloperProviderName
if found_pool != None:
identity_client.update_identity_pool(IdentityPoolId=identity_pool_id, **args)
else:
response = identity_client.create_identity_pool(**args)
identity_pool_id=response['IdentityPoolId']
#update the roles for the pool
role_mappings = {}
if props.RoleMappings.Cognito.Type and len(cognito_identity_providers) > 0:
print 'Adding role mappings for cognito', props.RoleMappings.Cognito.__dict__
role_mappings['{}:{}'.format(cognito_identity_providers[0]['ProviderName'],cognito_identity_providers[0]['ClientId'])]=props.RoleMappings.Cognito.__dict__
print "Role Mappings: ", role_mappings
identity_client.set_identity_pool_roles(
IdentityPoolId=identity_pool_id,
Roles=props.Roles.__dict__,
RoleMappings=role_mappings)
data = {
'IdentityPoolName': identity_pool_name,
'IdentityPoolId': identity_pool_id
}
physical_resource_id = identity_pool_id
custom_resource_response.succeed(event, context, data, physical_resource_id)
def handler(event, context):
request_type = event['RequestType']
logical_resource_id = event['LogicalResourceId']
logical_role_name = logical_resource_id
owning_stack_info = stack_info.get_stack_info(event['StackId'])
rest_api_resource_name = owning_stack_info.stack_name + '-' + logical_resource_id
id_data = aws_utils.get_data_from_custom_physical_resource_id(
event.get('PhysicalResourceId', None))
response_data = {}
if request_type == 'Create':
props = properties.load(event, PROPERTY_SCHEMA)
role_arn = role_utils.create_access_control_role(
id_data, owning_stack_info.stack_arn, logical_role_name,
API_GATEWAY_SERVICE_NAME)
swagger_content = get_configured_swagger_content(
owning_stack_info, props, role_arn, rest_api_resource_name)
rest_api_id = create_api_gateway(props, swagger_content)
response_data['Url'] = get_api_url(rest_api_id,
owning_stack_info.region)
id_data['RestApiId'] = rest_api_id
elif request_type == 'Update':
rest_api_id = id_data.get('RestApiId', None)
if not rest_api_id:
raise RuntimeError(
'No RestApiId found in id_data: {}'.format(id_data))
props = properties.load(event, PROPERTY_SCHEMA)
role_arn = role_utils.get_access_control_role_arn(
id_data, logical_role_name)
swagger_content = get_configured_swagger_content(
owning_stack_info, props, role_arn, rest_api_resource_name)
update_api_gateway(rest_api_id, props, swagger_content)
response_data['Url'] = get_api_url(rest_api_id,
owning_stack_info.region)
elif request_type == 'Delete':
if not id_data:
# The will be no data in the id if Cloud Formation cancels a resource creation
# (due to a failure in another resource) before it processes the resource create
# response. Appearently Cloud Formation has an internal temporary id for the
# resource and uses it for the delete request.
#
# Unfortunalty there isn't a good way to deal with this case. We don't have the
# id data, so we can't clean up the things it identifies. At best we can allow the
# stack cleanup to continue, leaving the rest API behind and role behind.
print 'WARNING: No id_data provided on delete.'.format(id_data)
else:
rest_api_id = id_data.get('RestApiId', None)
if not rest_api_id:
raise RuntimeError(
'No RestApiId found in id_data: {}'.format(id_data))
delete_api_gateway(rest_api_id)
del id_data['RestApiId']
role_utils.delete_access_control_role(id_data, logical_role_name)
else:
raise RuntimeError('Invalid RequestType: {}'.format(request_type))
physical_resource_id = aws_utils.construct_custom_physical_resource_id_with_data(
event['StackId'], logical_resource_id, id_data)
custom_resource_response.succeed(event, context, response_data,
physical_resource_id)
