kumogata-template 0.0.35 → 0.0.36
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.travis.yml +4 -2
- data/Gemfile +1 -1
- data/Rakefile +1 -1
- data/kumogata-template.gemspec +4 -4
- data/lib/kumogata/template/alb.rb +48 -34
- data/lib/kumogata/template/api-gateway.rb +262 -0
- data/lib/kumogata/template/autoscaling.rb +17 -44
- data/lib/kumogata/template/certificate.rb +11 -8
- data/lib/kumogata/template/cloudfront.rb +67 -60
- data/lib/kumogata/template/cloudwatch.rb +7 -12
- data/lib/kumogata/template/codebuild.rb +4 -8
- data/lib/kumogata/template/codecommit.rb +2 -6
- data/lib/kumogata/template/codedeploy.rb +15 -0
- data/lib/kumogata/template/cognito.rb +203 -0
- data/lib/kumogata/template/const.rb +109 -47
- data/lib/kumogata/template/datapipeline.rb +16 -47
- data/lib/kumogata/template/dynamodb.rb +17 -8
- data/lib/kumogata/template/ec2.rb +61 -10
- data/lib/kumogata/template/ecr.rb +11 -9
- data/lib/kumogata/template/ecs.rb +256 -91
- data/lib/kumogata/template/elasticbeanstalk.rb +6 -9
- data/lib/kumogata/template/elb.rb +9 -24
- data/lib/kumogata/template/emr.rb +184 -51
- data/lib/kumogata/template/events.rb +22 -10
- data/lib/kumogata/template/ext/kumogata.rb +7 -7
- data/lib/kumogata/template/helper.rb +189 -130
- data/lib/kumogata/template/iam.rb +556 -146
- data/lib/kumogata/template/kinesis.rb +282 -0
- data/lib/kumogata/template/lambda.rb +43 -2
- data/lib/kumogata/template/logs.rb +2 -6
- data/lib/kumogata/template/nlb.rb +10 -0
- data/lib/kumogata/template/pinpoint.rb +83 -0
- data/lib/kumogata/template/rds.rb +52 -0
- data/lib/kumogata/template/redshift.rb +15 -6
- data/lib/kumogata/template/role.rb +425 -0
- data/lib/kumogata/template/s3.rb +120 -80
- data/lib/kumogata/template/sns.rb +2 -6
- data/lib/kumogata/template/version.rb +1 -1
- data/lib/kumogata/template.rb +9 -1
- data/template/_template.rb +2 -2
- data/template/alb-load-balancer.rb +5 -4
- data/template/alb-target-group.rb +8 -9
- data/template/api-gateway-account.rb +15 -0
- data/template/api-gateway-api-key.rb +22 -0
- data/template/api-gateway-authorizer.rb +38 -0
- data/template/api-gateway-base-path-mapping.rb +23 -0
- data/template/api-gateway-client-certificate.rb +16 -0
- data/template/api-gateway-deployment.rb +24 -0
- data/template/api-gateway-domain-name.rb +17 -0
- data/template/api-gateway-method.rb +71 -0
- data/template/api-gateway-model.rb +23 -0
- data/template/api-gateway-resource.rb +32 -0
- data/template/api-gateway-rest-api.rb +29 -0
- data/template/api-gateway-stage.rb +33 -0
- data/template/api-gateway-usage-plan-key.rb +19 -0
- data/template/api-gateway-usage-plan.rb +24 -0
- data/template/autoscaling-group.rb +2 -2
- data/template/autoscaling-launch-configuration.rb +7 -4
- data/template/autoscaling-scheduled-action.rb +0 -1
- data/template/certificate.rb +2 -2
- data/template/cloudfront-distribution.rb +4 -0
- data/template/cloudfront-origin-access-identity.rb +19 -0
- data/template/cloudtrail.rb +6 -4
- data/template/cloudwatch-alarm.rb +9 -3
- data/template/codebuild-project.rb +3 -3
- data/template/codecommit-repository.rb +2 -2
- data/template/codedeploy-application.rb +1 -1
- data/template/codedeploy-deployment-config.rb +1 -1
- data/template/codedeploy-deployment-group.rb +2 -0
- data/template/cognito-identity-pool.rb +34 -0
- data/template/cognito-identity-role-attachment.rb +22 -0
- data/template/cognito-user-pool-client.rb +28 -0
- data/template/cognito-user-pool-group.rb +24 -0
- data/template/cognito-user-pool-user-to-group-attachment.rb +20 -0
- data/template/cognito-user-pool-user.rb +28 -0
- data/template/cognito-user-pool.rb +45 -0
- data/template/datapipeline-pipeline.rb +4 -4
- data/template/dynamodb-table.rb +5 -1
- data/template/ec2-eip-association.rb +1 -1
- data/template/ec2-instance.rb +4 -1
- data/template/ec2-nat-gateway.rb +4 -0
- data/template/ec2-route.rb +4 -0
- data/template/ec2-security-group-ingress.rb +1 -1
- data/template/ec2-security-group.rb +2 -2
- data/template/ec2-subnet.rb +8 -4
- data/template/ec2-volume.rb +1 -2
- data/template/ec2-vpc-cidr-block.rb +4 -2
- data/template/ec2-vpc-endpoint.rb +5 -2
- data/template/ecr-repository.rb +2 -2
- data/template/ecs-cluster.rb +1 -1
- data/template/ecs-service.rb +19 -7
- data/template/ecs-task-definition.rb +4 -4
- data/template/elasticache-cache-cluster.rb +1 -1
- data/template/elasticache-parameter-group.rb +1 -1
- data/template/elasticache-replication-group.rb +1 -1
- data/template/elasticache-subnet-group.rb +1 -1
- data/template/elasticbeanstalk-application-version.rb +1 -1
- data/template/elasticbeanstalk-application.rb +1 -1
- data/template/elasticbeanstalk-configuration-template.rb +1 -1
- data/template/elasticbeanstalk-environment.rb +1 -1
- data/template/elb-load-balancer.rb +2 -2
- data/template/emr-cluster.rb +3 -3
- data/template/emr-instance-group-config.rb +4 -2
- data/template/emr-security-configuration.rb +17 -0
- data/template/emr-step.rb +2 -2
- data/template/events-rule.rb +8 -8
- data/template/iam-group.rb +2 -2
- data/template/iam-instance-profile.rb +2 -2
- data/template/iam-managed-policy.rb +1 -1
- data/template/iam-policy.rb +1 -1
- data/template/iam-role.rb +17 -2
- data/template/iam-user.rb +4 -4
- data/template/kinesis-firehose-delivery-stream.rb +36 -0
- data/template/kinesis-stream.rb +21 -0
- data/template/kms-alias.rb +2 -2
- data/template/kms-key.rb +1 -1
- data/template/lambda-alias.rb +2 -2
- data/template/lambda-event-source-mapping.rb +4 -4
- data/template/lambda-function.rb +17 -17
- data/template/lambda-permission.rb +31 -10
- data/template/lambda-version.rb +4 -2
- data/template/logs-destination.rb +1 -1
- data/template/logs-log-group.rb +1 -1
- data/template/logs-log-stream.rb +4 -2
- data/template/logs-metric-filter.rb +1 -1
- data/template/logs-subscription_filter.rb +1 -1
- data/template/mappings-ec2.rb +114 -52
- data/template/output-arn.rb +12 -4
- data/template/output-certificate.rb +11 -0
- data/template/output-distribution.rb +11 -0
- data/template/output-domain-name.rb +11 -0
- data/template/output-ecr-repository.rb +16 -0
- data/template/output-eip.rb +11 -0
- data/template/output-lambda-function.rb +6 -0
- data/template/output-name.rb +7 -2
- data/template/output-origin-access-identity.rb +13 -0
- data/template/output-rds-cluster.rb +17 -0
- data/template/{output-rds.rb → output-rds-instance.rb} +1 -1
- data/template/output-redshift.rb +11 -0
- data/template/output-rest-api.rb +11 -0
- data/template/output-s3.rb +3 -0
- data/template/output-stage.rb +19 -0
- data/template/output-subnet.rb +6 -3
- data/template/output-trail.rb +14 -0
- data/template/output-user-pool-client.rb +14 -0
- data/template/output-user-pool.rb +17 -0
- data/template/output-vpc.rb +13 -3
- data/template/output.rb +3 -2
- data/template/parameter-ec2.rb +10 -4
- data/template/parameter-elasticache.rb +1 -1
- data/template/parameter-rds.rb +51 -4
- data/template/parameter-redshift.rb +31 -1
- data/template/parameter.rb +87 -7
- data/template/rds-db-cluster-parameter-group.rb +18 -4
- data/template/rds-db-cluster.rb +19 -7
- data/template/rds-db-instance.rb +55 -131
- data/template/rds-db-parameter-group.rb +29 -3
- data/template/rds-db-subnet-group.rb +1 -1
- data/template/rds-event-subscription.rb +2 -4
- data/template/rds-option-group.rb +28 -5
- data/template/redshift-cluster-parameter-group.rb +3 -1
- data/template/redshift-cluster-security-group.rb +17 -0
- data/template/redshift-cluster-subnet-group.rb +3 -1
- data/template/redshift-cluster.rb +15 -12
- data/template/s3-bucket.rb +10 -5
- data/template/sns-topic.rb +2 -2
- data/template/sqs-queue.rb +1 -1
- data/test/abstract_unit.rb +2 -9
- data/test/cloudfront_test.rb +57 -28
- data/test/codedeploy_test.rb +21 -0
- data/test/datapipeline_test.rb +0 -22
- data/test/ec2_test.rb +12 -52
- data/test/ecs_test.rb +30 -26
- data/test/emr_test.rb +101 -20
- data/test/events_test.rb +47 -0
- data/test/helper_test.rb +251 -281
- data/test/iam_test.rb +572 -57
- data/test/lambda_test.rb +1 -1
- data/test/s3_test.rb +49 -14
- data/test/template/alb-load-balancer_test.rb +4 -5
- data/test/template/alb-target-group_test.rb +1 -3
- data/test/template/api-gateway-account_test.rb +26 -0
- data/test/template/api-gateway-api-key_test.rb +33 -0
- data/test/template/api-gateway-authorizer_test.rb +62 -0
- data/test/template/api-gateway-base-path-mapping_test.rb +27 -0
- data/test/template/api-gateway-client-certificate_test.rb +21 -0
- data/test/template/api-gateway-deployment_test.rb +27 -0
- data/test/template/api-gateway-domain-name_test.rb +26 -0
- data/test/template/api-gateway-method_test.rb +29 -0
- data/test/template/api-gateway-model_test.rb +37 -0
- data/test/template/api-gateway-resource_test.rb +82 -0
- data/test/template/api-gateway-rest-api_test.rb +33 -0
- data/test/template/api-gateway-stage_test.rb +39 -0
- data/test/template/api-gateway-usage-plan-key_test.rb +25 -0
- data/test/template/api-gateway-usage-plan_test.rb +42 -0
- data/test/template/cloudfront-distribution_test.rb +41 -3
- data/test/template/cloudtrail_test.rb +13 -5
- data/test/template/cloudwatch-alarm_test.rb +14 -2
- data/test/template/codebuild-project_test.rb +2 -11
- data/test/template/codecommit-repository_test.rb +12 -1
- data/test/template/cognito-identity-pool_test.rb +32 -0
- data/test/template/cognito-identity-role-attachment_test.rb +38 -0
- data/test/template/cognito-user-pool-client_test.rb +36 -0
- data/test/template/cognito-user-pool-group_test.rb +36 -0
- data/test/template/cognito-user-pool-user-to-group-attachment_test.rb +29 -0
- data/test/template/cognito-user-pool-user_test.rb +38 -0
- data/test/template/cognito-user-pool_test.rb +99 -0
- data/test/template/datapipeline-pipeline_test.rb +45 -6
- data/test/template/dynamodb-table_test.rb +19 -1
- data/test/template/ec2-instance_test.rb +9 -1
- data/test/template/ec2-nat-gateway_test.rb +29 -1
- data/test/template/ec2-security-group-egress_test.rb +1 -0
- data/test/template/ec2-security-group-ingress_test.rb +1 -0
- data/test/template/ec2-security-group_test.rb +11 -1
- data/test/template/ec2-spot-fleet_test.rb +1 -1
- data/test/template/ec2-subnet_test.rb +62 -1
- data/test/template/ec2-vpc-cidr-block_test.rb +1 -1
- data/test/template/ec2-vpc-endpoint_test.rb +56 -0
- data/test/template/ecr-repository_test.rb +63 -11
- data/test/template/ecs-service_test.rb +13 -2
- data/test/template/ecs-task-definition_test.rb +86 -13
- data/test/template/elasticache-cache-cluster_test.rb +4 -6
- data/test/template/elasticache-replication-group_test.rb +1 -1
- data/test/template/elasticbeanstalk-application-version_test.rb +1 -0
- data/test/template/elasticbeanstalk-application_test.rb +2 -1
- data/test/template/elasticbeanstalk-configuration-template_test.rb +2 -1
- data/test/template/elasticbeanstalk-template_test.rb +1 -0
- data/test/template/elb-load-balancer_test.rb +1 -3
- data/test/template/emr-cluster_test.rb +2 -14
- data/test/template/emr-instance-group-config_test.rb +2 -4
- data/test/template/emr-security-configuration_test.rb +34 -0
- data/test/template/emr-step_test.rb +2 -6
- data/test/template/events-rule_test.rb +3 -3
- data/test/template/iam-group_test.rb +11 -1
- data/test/template/iam-instance-profile_test.rb +11 -1
- data/test/template/iam-managed-policy_test.rb +1 -0
- data/test/template/iam-policy_test.rb +1 -3
- data/test/template/iam-role_test.rb +12 -2
- data/test/template/iam-user_test.rb +11 -17
- data/test/template/kinesis-firehorse-delivery-stream_test.rb +68 -0
- data/test/template/kinesis-stream_test.rb +61 -0
- data/test/template/kms-key_test.rb +1 -0
- data/test/template/lambda-alias_test.rb +2 -3
- data/test/template/lambda-event-source-mapping_test.rb +1 -1
- data/test/template/lambda-function_test.rb +20 -32
- data/test/template/lambda-permission_test.rb +7 -4
- data/test/template/lambda-version_test.rb +5 -2
- data/test/template/logs-log-group_test.rb +1 -3
- data/test/template/logs-log-stream_test.rb +2 -6
- data/test/template/logs-metric-filter_test.rb +1 -3
- data/test/template/logs-subscription-filter_test.rb +1 -3
- data/test/template/mappings-ec2_test.rb +10 -3
- data/test/template/output-domain-name_test.rb +30 -0
- data/test/template/output-name_test.rb +9 -0
- data/test/template/{output-rds_test.rb → output-rds-instance_test.rb} +2 -2
- data/test/template/output-rest-api_test.rb +30 -0
- data/test/template/output-s3_test.rb +9 -0
- data/test/template/output-stage_test.rb +43 -0
- data/test/template/output-user-pool-client_test.rb +39 -0
- data/test/template/output-user-pool_test.rb +48 -0
- data/test/template/output_test.rb +3 -1
- data/test/template/parameter-ec2_test.rb +22 -24
- data/test/template/parameter-elasticache_test.rb +2 -1
- data/test/template/parameter-rds_test.rb +32 -3
- data/test/template/parameter-redshift_test.rb +31 -2
- data/test/template/parameter_test.rb +37 -4
- data/test/template/rds-db-cluster-parameter-group_test.rb +1 -1
- data/test/template/rds-db-cluster_test.rb +4 -20
- data/test/template/rds-db-instance_test.rb +3 -373
- data/test/template/rds-db-parameter-group_test.rb +1 -1
- data/test/template/rds-option-group_test.rb +2 -2
- data/test/template/redshift-cluster-parameter-group_test.rb +28 -0
- data/test/template/redshift-cluster-security-group_test.rb +49 -0
- data/test/template/redshift-cluster-subnet-group_test.rb +28 -0
- data/test/template/redshift-cluster_test.rb +33 -5
- data/test/template/s3-bucket_test.rb +6 -20
- metadata +130 -22
data/template/iam-role.rb
CHANGED
@@ -4,6 +4,21 @@
|
|
4
4
|
#
|
5
5
|
require 'kumogata/template/helper'
|
6
6
|
require 'kumogata/template/iam'
|
7
|
+
require 'kumogata/template/kinesis'
|
8
|
+
require 'kumogata/template/pinpoint'
|
9
|
+
|
10
|
+
args[:managed_policies].collect!{|v| "service-role/#{v}" } if args.key? :managed_policies
|
11
|
+
args[:policies].each_with_index do |v, i|
|
12
|
+
next unless v.key? :type
|
13
|
+
case v[:type]
|
14
|
+
when /^kinesis firehose/
|
15
|
+
args[:policies][i][:document] = _kinesis_firehose_to_delivery_stream_role(v[:document])
|
16
|
+
when /^pinpoint kinesis stream/
|
17
|
+
args[:policies][i][:document] = _pinpoint_to_kinesis_stream_role(v[:document])
|
18
|
+
when /^pinpoint kinesis firehose/
|
19
|
+
args[:policies][i][:document] = _pinpoint_to_kinesis_firehose_delivery_stream_role(v[:document])
|
20
|
+
end
|
21
|
+
end if args.key? :policies
|
7
22
|
|
8
23
|
name = _resource_name(args[:name], "role")
|
9
24
|
policy = _iam_assume_role_policy_document(args)
|
@@ -15,7 +30,7 @@ managed_policies =
|
|
15
30
|
end
|
16
31
|
path = args[:path] || "/"
|
17
32
|
policies = _iam_policies("policies", args)
|
18
|
-
|
33
|
+
role = _name("role", args)
|
19
34
|
|
20
35
|
_(name) do
|
21
36
|
Type "AWS::IAM::Role"
|
@@ -27,6 +42,6 @@ _(name) do
|
|
27
42
|
ManagedPolicyArns managed_policies unless managed_policies.empty?
|
28
43
|
Path path
|
29
44
|
Policies policies unless policies.empty?
|
30
|
-
RoleName
|
45
|
+
RoleName role
|
31
46
|
end
|
32
47
|
end
|
data/template/iam-user.rb
CHANGED
@@ -6,7 +6,7 @@ require 'kumogata/template/helper'
|
|
6
6
|
require 'kumogata/template/iam'
|
7
7
|
|
8
8
|
name = _resource_name(args[:name], "user")
|
9
|
-
|
9
|
+
groups = _ref_array("groups", args, "group")
|
10
10
|
login_profile =
|
11
11
|
if args.key? :login_profile
|
12
12
|
_iam_login_profile(args[:login_profile])
|
@@ -21,16 +21,16 @@ managed_policies =
|
|
21
21
|
end
|
22
22
|
path = args[:path] || "/"
|
23
23
|
policies = _iam_policies("policies", args)
|
24
|
-
user =
|
24
|
+
user = _name("user", args)
|
25
25
|
|
26
26
|
_(name) do
|
27
27
|
Type "AWS::IAM::User"
|
28
28
|
Properties do
|
29
|
-
|
29
|
+
Groups groups unless groups.empty?
|
30
30
|
LoginProfile login_profile unless login_profile.empty?
|
31
31
|
ManagedPolicyArns managed_policies unless managed_policies.empty?
|
32
32
|
Path path
|
33
33
|
Policies policies unless policies.empty?
|
34
|
-
UserName user
|
34
|
+
UserName user
|
35
35
|
end
|
36
36
|
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
#
|
2
|
+
# Kinesis Firehose Delivery System resource
|
3
|
+
# http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kinesisfirehose-deliverystream.html
|
4
|
+
#
|
5
|
+
require 'kumogata/template/helper'
|
6
|
+
require 'kumogata/template/kinesis'
|
7
|
+
|
8
|
+
name = _resource_name(args[:name], 'kinesis firehose delivery stream')
|
9
|
+
stream_name = _name('stream', args)
|
10
|
+
stream_type = _kinesis_firehose_to_delivery_stream_type(args[:type])
|
11
|
+
elasticsearch = _kinesis_firehose_delivery_stream_elasticsearch_destination(args[:es])
|
12
|
+
extended_s3 = _kinesis_firehose_delivery_stream_extended_s3_destination(args[:extended_s3])
|
13
|
+
kinesis = _kinesis_firehose_delivery_stream_kinesis_stream_source(args[:kinesis])
|
14
|
+
redshift = _kinesis_firehose_delivery_stream_redshift_destination(args[:redshift])
|
15
|
+
s3_dest = _kinesis_firehose_delivery_stream_s3_destnation(args[:s3_dest])
|
16
|
+
depends = _depends([ { ref_log_stream: 'logs log stream' } ], args)
|
17
|
+
|
18
|
+
if stream_type == 'KinesisStreamAsSource'
|
19
|
+
elasticsearch = ''
|
20
|
+
extended_s3 = ''
|
21
|
+
redshift = ''
|
22
|
+
end
|
23
|
+
|
24
|
+
_(name) do
|
25
|
+
Type 'AWS::KinesisFirehose::DeliveryStream'
|
26
|
+
Properties do
|
27
|
+
DeliveryStreamName stream_name
|
28
|
+
DeliveryStreamType stream_type
|
29
|
+
ElasticsearchDestinationConfiguration elasticsearch unless elasticsearch.empty?
|
30
|
+
ExtendedS3DestinationConfiguration extended_s3 unless extended_s3.empty?
|
31
|
+
KinesisStreamSourceConfiguration kinesis unless kinesis.empty?
|
32
|
+
RedshiftDestinationConfiguration redshift unless redshift.empty?
|
33
|
+
S3DestinationConfiguration s3_dest unless s3_dest.empty?
|
34
|
+
end
|
35
|
+
DependsOn depends unless depends.empty?
|
36
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
#
|
2
|
+
# Kinesis stream resource
|
3
|
+
# http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kinesis-stream.html
|
4
|
+
#
|
5
|
+
require 'kumogata/template/helper'
|
6
|
+
|
7
|
+
name = _resource_name(args[:name], 'kinesis stream')
|
8
|
+
stream = _name('stream', args)
|
9
|
+
rentention = args[:rentention] || 24
|
10
|
+
shard = args[:shard] || 1
|
11
|
+
tags = _tags(args, 'stream')
|
12
|
+
|
13
|
+
_(name) do
|
14
|
+
Type 'AWS::Kinesis::Stream'
|
15
|
+
Properties do
|
16
|
+
Name stream
|
17
|
+
RetentionPeriodHours rentention
|
18
|
+
ShardCount shard
|
19
|
+
Tags tags
|
20
|
+
end
|
21
|
+
end
|
data/template/kms-alias.rb
CHANGED
@@ -5,8 +5,8 @@
|
|
5
5
|
require 'kumogata/template/helper'
|
6
6
|
|
7
7
|
name = _resource_name(args[:name], "kms alias")
|
8
|
-
alias_name =
|
9
|
-
target =
|
8
|
+
alias_name = _name("alias", args)
|
9
|
+
target = _name("target", args)
|
10
10
|
|
11
11
|
_(name) do
|
12
12
|
Type "AWS::KMS::Alias"
|
data/template/kms-key.rb
CHANGED
@@ -6,7 +6,7 @@ require 'kumogata/template/helper'
|
|
6
6
|
require 'kumogata/template/iam'
|
7
7
|
|
8
8
|
name = _resource_name(args[:name], "kms key")
|
9
|
-
description = args[:
|
9
|
+
description = _ref_string_default('description', args, '', "#{args[:name]} kms key description")
|
10
10
|
enabled = _bool("enabled", args, true)
|
11
11
|
rotation = _bool("rotation", args, false)
|
12
12
|
policy = _iam_policy_document("policy", args)
|
data/template/lambda-alias.rb
CHANGED
@@ -5,10 +5,10 @@
|
|
5
5
|
require 'kumogata/template/helper'
|
6
6
|
|
7
7
|
name = _resource_name(args[:name], "lambda alias")
|
8
|
-
description = args[:
|
8
|
+
description = _ref_string_default("description", args, '', "#{args[:name]} lambda alias description")
|
9
9
|
function_name = _ref_attr_string("function_name", "Arn", args, "lambda function")
|
10
10
|
function_version = _ref_attr_string("function_version", "Version", args, "lambda version")
|
11
|
-
alias_name =
|
11
|
+
alias_name = _name("alias_name", args)
|
12
12
|
|
13
13
|
_(name) do
|
14
14
|
Type "AWS::Lambda::Alias"
|
@@ -7,8 +7,8 @@ require 'kumogata/template/helper'
|
|
7
7
|
name = _resource_name(args[:name], "lambda event source mapping")
|
8
8
|
batch_size = args[:batch_size] || 100
|
9
9
|
enabled = _bool("enabled", args, true)
|
10
|
-
|
11
|
-
|
10
|
+
event = _ref_attr_string("event", "Arn", args, args[:event_prefix])
|
11
|
+
function = _ref_attr_string("function", "Arn", args, "lambda function")
|
12
12
|
starting_position = _valid_values(args[:starting_position],
|
13
13
|
%w( trim_horizon latest ), "latest")
|
14
14
|
|
@@ -17,8 +17,8 @@ _(name) do
|
|
17
17
|
Properties do
|
18
18
|
BatchSize batch_size
|
19
19
|
Enabled enabled
|
20
|
-
EventSourceArn
|
21
|
-
FunctionName
|
20
|
+
EventSourceArn event
|
21
|
+
FunctionName function
|
22
22
|
StartingPosition starting_position.upcase
|
23
23
|
end
|
24
24
|
end
|
data/template/lambda-function.rb
CHANGED
@@ -8,30 +8,28 @@ require 'kumogata/template/lambda'
|
|
8
8
|
name = _resource_name(args[:name], "lambda function")
|
9
9
|
code = _lambda_function_code(args)
|
10
10
|
dead_letter = _lambda_dead_letter(args)
|
11
|
-
description = args[:
|
11
|
+
description = _ref_string_default("description", args, '', "#{args[:name]} lambda function description")
|
12
12
|
environment = _lambda_function_environment(args)
|
13
|
-
|
14
|
-
runtime =
|
15
|
-
|
13
|
+
function = _name("function", args)
|
14
|
+
runtime = _lambda_to_runtime(args[:runtime])
|
15
|
+
handler_index = args[:handler] || 'lambda'
|
16
16
|
handler =
|
17
|
-
|
18
|
-
|
17
|
+
case runtime
|
18
|
+
when /^nodejs/
|
19
|
+
"#{handler_index}.handler"
|
20
|
+
when /^python/
|
21
|
+
"#{handler_index}.handler"
|
19
22
|
else
|
20
|
-
|
21
|
-
when /^nodejs/
|
22
|
-
"#{args[:function_name]}.handler"
|
23
|
-
when /^python/
|
24
|
-
"#{args[:function_name]}.lambda_handler"
|
25
|
-
else
|
26
|
-
args[:handler]
|
27
|
-
end
|
23
|
+
'lambda.handler'
|
28
24
|
end
|
29
25
|
memory_size = args[:memory_size] || 128
|
30
26
|
role = _ref_attr_string("role", "Arn", args, "role")
|
31
27
|
role = _ref_string("role_arn", args, "role") if role.empty?
|
32
|
-
timeout = args[:timeout] ||
|
28
|
+
timeout = args[:timeout] || 300
|
29
|
+
trace = _lambda_trace_config(args)
|
33
30
|
vpc_config = _lambda_vpc_config(args)
|
34
|
-
tags = _tags(args)
|
31
|
+
tags = _tags(args, "function")
|
32
|
+
depends = _depends([ { ref_role: 'role' } ], args)
|
35
33
|
|
36
34
|
_(name) do
|
37
35
|
Type "AWS::Lambda::Function"
|
@@ -40,14 +38,16 @@ _(name) do
|
|
40
38
|
DeadLetterConfig dead_letter unless dead_letter.empty?
|
41
39
|
Description description unless description.empty?
|
42
40
|
Environment environment unless environment.empty?
|
43
|
-
FunctionName
|
41
|
+
FunctionName function
|
44
42
|
Handler handler
|
45
43
|
#KmsKeyArn
|
46
44
|
MemorySize memory_size
|
47
45
|
Role role
|
48
46
|
Runtime runtime
|
49
47
|
Timeout timeout
|
48
|
+
TracingConfig trace unless trace.empty?
|
50
49
|
VpcConfig vpc_config unless vpc_config.empty?
|
51
50
|
Tags tags
|
52
51
|
end
|
52
|
+
DependsOn depends unless depends.empty?
|
53
53
|
end
|
@@ -3,24 +3,45 @@
|
|
3
3
|
# http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html
|
4
4
|
#
|
5
5
|
require 'kumogata/template/helper'
|
6
|
+
require 'kumogata/template/iam'
|
6
7
|
|
7
8
|
name = _resource_name(args[:name], "lambda permission")
|
8
|
-
action = args[:action] ||
|
9
|
-
|
10
|
-
principal =
|
11
|
-
%w( s3.amazonaws.com sns.amazonaws.com ),
|
12
|
-
"sns.amazonaws.com")
|
9
|
+
action = args[:action] || 'invoke function'
|
10
|
+
function = _ref_attr_string("function", "Arn", args, "lambda function", 'arn')
|
11
|
+
principal = args[:principal]
|
13
12
|
source_account = _ref_string("source_account", args, "account id")
|
14
|
-
|
15
|
-
|
13
|
+
source_account = _ref_pseudo('account id') if source_account.empty? and principal == 's3'
|
14
|
+
source_arn_prefix =
|
15
|
+
case principal
|
16
|
+
when 's3'
|
17
|
+
'bucket'
|
18
|
+
when 'sns'
|
19
|
+
'topic'
|
20
|
+
when 'events'
|
21
|
+
'events rule'
|
22
|
+
# TBD
|
23
|
+
else
|
24
|
+
''
|
25
|
+
end
|
26
|
+
source_arn =
|
27
|
+
case principal
|
28
|
+
when 'sns'
|
29
|
+
_ref_string("source_arn", args, source_arn_prefix)
|
30
|
+
else
|
31
|
+
_ref_attr_string('source_arn', 'Arn', args, source_arn_prefix)
|
32
|
+
end
|
33
|
+
|
34
|
+
source_arn = _iam_arn("s3", { ref: args[:ref_iam_source_arn] }) if args.key? :ref_iam_source_arn and principal =~ /s3/ and source_arn.empty?
|
35
|
+
depends = _depends([ { ref_function: 'lambda function' } ], args)
|
16
36
|
|
17
37
|
_(name) do
|
18
38
|
Type "AWS::Lambda::Permission"
|
19
39
|
Properties do
|
20
|
-
Action action
|
21
|
-
FunctionName
|
22
|
-
Principal principal
|
40
|
+
Action "lambda:#{_capitalize(action)}"
|
41
|
+
FunctionName function
|
42
|
+
Principal "#{principal}.#{DOMAIN}"
|
23
43
|
SourceAccount source_account unless source_account.empty?
|
24
44
|
SourceArn source_arn unless source_arn.empty?
|
25
45
|
end
|
46
|
+
DependsOn depends unless depends.empty?
|
26
47
|
end
|
data/template/lambda-version.rb
CHANGED
@@ -7,13 +7,15 @@ require 'kumogata/template/helper'
|
|
7
7
|
name = _resource_name(args[:name], "lambda version")
|
8
8
|
code_sha256 = args[:code_sha256] || ""
|
9
9
|
description = args[:description] || ""
|
10
|
-
|
10
|
+
function = _ref_attr_string("function", "Arn", args, "lambda function")
|
11
|
+
depends = _depends([ { ref_function: 'lambda function' } ], args)
|
11
12
|
|
12
13
|
_(name) do
|
13
14
|
Type "AWS::Lambda::Version"
|
14
15
|
Properties do
|
15
16
|
CodeSha256 code_sha256 unless code_sha256.empty?
|
16
17
|
Description description unless description.empty?
|
17
|
-
FunctionName
|
18
|
+
FunctionName function
|
18
19
|
end
|
20
|
+
DependsOn depends unless depends.empty?
|
19
21
|
end
|
@@ -7,7 +7,7 @@ require 'kumogata/template/iam'
|
|
7
7
|
require 'kumogata/template/logs'
|
8
8
|
|
9
9
|
name = _resource_name(args[:name], "logs destination")
|
10
|
-
dest =
|
10
|
+
dest = _name("dest", args)
|
11
11
|
policy = _iam_policy_document("policy", args)
|
12
12
|
role = _ref_attr_string("role", "Arn", args, "role")
|
13
13
|
target = _iam_arn("kinesis", args[:target].merge(type: "stream"))
|
data/template/logs-log-group.rb
CHANGED
data/template/logs-log-stream.rb
CHANGED
@@ -6,8 +6,9 @@ require 'kumogata/template/helper'
|
|
6
6
|
require 'kumogata/template/logs'
|
7
7
|
|
8
8
|
name = _resource_name(args[:name], "logs log stream")
|
9
|
-
group =
|
10
|
-
stream =
|
9
|
+
group = _name("group", args)
|
10
|
+
stream = _name("stream", args)
|
11
|
+
depends = _depends([ { ref_log_group: 'logs log group' } ], args)
|
11
12
|
|
12
13
|
_(name) do
|
13
14
|
Type "AWS::Logs::LogStream"
|
@@ -15,4 +16,5 @@ _(name) do
|
|
15
16
|
LogGroupName group
|
16
17
|
LogStreamName stream
|
17
18
|
end
|
19
|
+
DependsOn depends unless depends.empty?
|
18
20
|
end
|
@@ -8,7 +8,7 @@ require 'kumogata/template/logs'
|
|
8
8
|
name = _resource_name(args[:name], "logs metric filter")
|
9
9
|
# pattern ex. [timestamps, ip_addresses, error_codes = 1234*, size, ...]
|
10
10
|
pattern = args[:pattern]
|
11
|
-
group =
|
11
|
+
group = _name("group", args)
|
12
12
|
trans = _logs_metric_filter_transformations(args)
|
13
13
|
|
14
14
|
_(name) do
|
@@ -10,7 +10,7 @@ dest = _ref_attr_string("dest", "Arn", args, "role")
|
|
10
10
|
# Filter and Pattern Syntax
|
11
11
|
# http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html
|
12
12
|
pattern = args[:pattern]
|
13
|
-
group =
|
13
|
+
group = _name("group", args)
|
14
14
|
role = _ref_attr_string("role", "Arn", args, "role")
|
15
15
|
|
16
16
|
_(name) do
|
data/template/mappings-ec2.rb
CHANGED
@@ -6,93 +6,155 @@ require 'kumogata/template/helper'
|
|
6
6
|
AWSInstanceType2Arch do
|
7
7
|
EC2_INSTANCE_TYPES.each do |type|
|
8
8
|
_(type) do
|
9
|
-
Arch
|
9
|
+
Arch 'HVM64'
|
10
10
|
end
|
11
11
|
end
|
12
12
|
end
|
13
13
|
|
14
|
-
# Amazon Linux AMI
|
14
|
+
# Amazon Linux AMI x86_64 HVM GP2
|
15
15
|
# https://aws.amazon.com/marketplace/pp/B00CIYTQTC/
|
16
16
|
AWSRegionArch2AMIAmazonLinuxOfficial do
|
17
|
-
# 2017.
|
17
|
+
# 2017.09.1.20180115, released 01/15/2018
|
18
18
|
image_id = {
|
19
|
-
virginia:
|
20
|
-
ohio:
|
21
|
-
california:
|
22
|
-
oregon:
|
23
|
-
canada:
|
24
|
-
|
25
|
-
|
26
|
-
london:
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
19
|
+
virginia: '97785bed',
|
20
|
+
ohio: 'f63b1193',
|
21
|
+
california: '824c4ee2',
|
22
|
+
oregon: 'f2d3638a',
|
23
|
+
canada: 'a954d1cd',
|
24
|
+
frankfurt: '5652ce39',
|
25
|
+
ireland: 'd834aba1',
|
26
|
+
london: '403e2524',
|
27
|
+
paris: '8ee056f3',
|
28
|
+
singapore: '68097514',
|
29
|
+
sydney: '942dd1f6',
|
30
|
+
seoul: '863090e8',
|
31
|
+
tokyo: 'ceafcba8',
|
32
|
+
mumbai: '531a4c3c',
|
33
|
+
saopaulo: '84175ae8',
|
33
34
|
}
|
34
35
|
|
35
36
|
AWS_REGION.each do |key, region|
|
36
37
|
_(region) do
|
37
38
|
HVM64 "ami-#{image_id[key]}"
|
38
|
-
end
|
39
|
+
end if key !~ /local/
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
# Amazon Linux 2 AMI x86_64 HVM GP2
|
44
|
+
# https://aws.amazon.com/amazon-linux-2/release-notes/
|
45
|
+
# for r in $(aws --profile <profile> --output text ec2 describe-regions --query 'Regions[].RegionName'); do i=$(aws --profile <profile> --region $r --output text ec2 describe-images --owners amazon --filters Name=name,Values="amzn2-ami-hvm*gp2" --query 'Images[].[Name, ImageId]'); echo "$r: \"$i\""; done
|
46
|
+
AWSRegionArch2AMIAmazonLinux2Official do
|
47
|
+
# 2017.12.0.20180115
|
48
|
+
image_id = {
|
49
|
+
virginia: '428aa838',
|
50
|
+
ohio: '710e2414',
|
51
|
+
california: '4a787a2a',
|
52
|
+
oregon: '7f43f307',
|
53
|
+
canada: '7549cc11',
|
54
|
+
frankfurt: '1b2bb774',
|
55
|
+
ireland: 'db1688a2',
|
56
|
+
london: '6d263d09',
|
57
|
+
paris: '5ce55321',
|
58
|
+
singapore: '4f89f533',
|
59
|
+
sydney: '38708c5a',
|
60
|
+
seoul: '3e04a450',
|
61
|
+
tokyo: 'c2680fa4',
|
62
|
+
mumbai: '3b2f7954',
|
63
|
+
saopaulo: 'f1337e9d',
|
64
|
+
}
|
65
|
+
|
66
|
+
AWS_REGION.each do |key, region|
|
67
|
+
_(region) do
|
68
|
+
HVM64 "ami-#{image_id[key]}"
|
69
|
+
end if key !~ /local/
|
39
70
|
end
|
40
71
|
end
|
41
72
|
|
42
|
-
# CentOS 7
|
73
|
+
# CentOS 7 x86_64 with Updates HVM
|
43
74
|
# https://wiki.centos.org/Cloud/AWS
|
44
75
|
# https://aws.amazon.com/marketplace/pp/B00O7WM7QW/
|
45
76
|
AWSRegionArch2AMICentos7Official do
|
46
|
-
#
|
77
|
+
# 18001_01, released 01/14/2018
|
47
78
|
image_id = {
|
48
|
-
virginia:
|
49
|
-
ohio:
|
50
|
-
california:
|
51
|
-
oregon:
|
52
|
-
canada:
|
53
|
-
|
54
|
-
|
55
|
-
london:
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
79
|
+
virginia: '4bf3d731',
|
80
|
+
ohio: 'e1496384',
|
81
|
+
california: '65e0e305',
|
82
|
+
oregon: 'a042f4d8',
|
83
|
+
canada: 'dcad28b8',
|
84
|
+
frankfurt: '337be65c',
|
85
|
+
ireland: '6e28b517',
|
86
|
+
london: 'ee6a718a',
|
87
|
+
paris: 'bfff49c2',
|
88
|
+
singapore: 'd2fa88ae',
|
89
|
+
sydney: 'b6bb47d4',
|
90
|
+
seoul: '7248e81c',
|
91
|
+
tokyo: '25bd2743',
|
92
|
+
mumbai: '5d99ce32',
|
93
|
+
saopaulo: 'f9adef95',
|
62
94
|
}
|
63
95
|
|
64
96
|
AWS_REGION.each do |key, region|
|
65
97
|
_(region) do
|
66
98
|
HVM64 "ami-#{image_id[key]}"
|
67
|
-
end
|
99
|
+
end if key !~ /local/
|
68
100
|
end
|
69
101
|
end
|
70
102
|
|
71
|
-
# Ubuntu
|
103
|
+
# Ubuntu 16.04 LTS - Xenial (HVM)
|
72
104
|
# https://cloud-images.ubuntu.com/locator/ec2/
|
73
105
|
# https://aws.amazon.com/marketplace/pp/B01JBL2M0O
|
74
106
|
AWSRegionArch2AMIUbuntu16Official do
|
75
|
-
#
|
107
|
+
# 16.04 LTS 2018022, released 03/06/2018
|
76
108
|
image_id = {
|
77
|
-
virginia:
|
78
|
-
ohio:
|
79
|
-
california:
|
80
|
-
oregon:
|
81
|
-
canada:
|
82
|
-
|
83
|
-
|
84
|
-
london:
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
109
|
+
virginia: 'b46295c9',
|
110
|
+
ohio: 'f6cef993',
|
111
|
+
california: 'c16862a1',
|
112
|
+
oregon: '1c1d9664',
|
113
|
+
canada: '919b1cf5',
|
114
|
+
frankfurt: '6283ef0d',
|
115
|
+
ireland: '70054309',
|
116
|
+
london: 'be4aaed9',
|
117
|
+
paris: '5563d528',
|
118
|
+
singapore: '8f4f05f3',
|
119
|
+
sydney: 'ed77b18f',
|
120
|
+
seoul: 'e546eb8b',
|
121
|
+
tokyo: '64612102',
|
122
|
+
mumbai: '00000000', ## N/A
|
123
|
+
saopaulo: '4a733826',
|
91
124
|
}
|
92
125
|
|
93
126
|
AWS_REGION.each do |key, region|
|
94
127
|
_(region) do
|
95
128
|
HVM64 "ami-#{image_id[key]}"
|
96
|
-
end
|
129
|
+
end if key !~ /local/ and !image_id[key].empty?
|
130
|
+
end
|
131
|
+
end
|
132
|
+
|
133
|
+
# Amazon Linux AMI 2017.09.i x86_64 ECS HVM GP2
|
134
|
+
# http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI_launch_latest.html
|
135
|
+
AWSRegionArch2AMIEcsOfficial do
|
136
|
+
# 2017.09.j
|
137
|
+
image_id = {
|
138
|
+
ohio: 'ef64528a',
|
139
|
+
virginia: 'cad827b7',
|
140
|
+
oregon: 'baa236c2',
|
141
|
+
california: '29b8b249',
|
142
|
+
paris: '0356e07e',
|
143
|
+
london: '25f51242',
|
144
|
+
ireland: '64c4871d',
|
145
|
+
frankfurt: '3b7d1354',
|
146
|
+
seoul: '3b19b455',
|
147
|
+
tokyo: 'bb5f13dd',
|
148
|
+
sydney: 'a677b6c4',
|
149
|
+
singapore: 'f88ade84',
|
150
|
+
canada: 'db48cfbf',
|
151
|
+
mumbai: '9e91cff1',
|
152
|
+
saopaulo: 'da2c66b6',
|
153
|
+
}
|
154
|
+
|
155
|
+
AWS_REGION.each do |key, region|
|
156
|
+
_(region) do
|
157
|
+
HVM64 "ami-#{image_id[key]}" if region !~ /local/
|
158
|
+
end if key !~ /local/ and !image_id[key].empty?
|
97
159
|
end
|
98
160
|
end
|
data/template/output-arn.rb
CHANGED
@@ -3,7 +3,15 @@
|
|
3
3
|
#
|
4
4
|
require 'kumogata/template/helper'
|
5
5
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
6
|
+
name =
|
7
|
+
if args.key? :resource
|
8
|
+
"#{args[:name]} #{args[:resource]}"
|
9
|
+
else
|
10
|
+
args[:name]
|
11
|
+
end
|
12
|
+
|
13
|
+
_output "#{name} name", ref_value: name,
|
14
|
+
export: _export_string(args, "name")
|
15
|
+
|
16
|
+
_output "#{name} arn", ref_value: [ name, "Arn" ],
|
17
|
+
export: _export_string(args, "arn")
|
@@ -0,0 +1,11 @@
|
|
1
|
+
#
|
2
|
+
# Output access key
|
3
|
+
#
|
4
|
+
require 'kumogata/template/helper'
|
5
|
+
|
6
|
+
_output "#{args[:name]} access key",
|
7
|
+
ref_value: "#{args[:name]} access key",
|
8
|
+
export: _export_string(args, "access key")
|
9
|
+
_output "#{args[:name]} secret access key",
|
10
|
+
ref_value: [ "#{args[:name]} access key", "SecretAccessKey" ],
|
11
|
+
export: _export_string(args, "secret access key")
|
@@ -0,0 +1,11 @@
|
|
1
|
+
#
|
2
|
+
# Output distribution
|
3
|
+
#
|
4
|
+
require 'kumogata/template/helper'
|
5
|
+
|
6
|
+
_output "#{args[:name]} distribution",
|
7
|
+
ref_value: "#{args[:name]} distribution",
|
8
|
+
export: _export_string(args, "distribution")
|
9
|
+
_output "#{args[:name]} distribution domain",
|
10
|
+
ref_value: [ "#{args[:name]} distribution", "DomainName" ],
|
11
|
+
export: _export_string(args, "distribution domain")
|
@@ -0,0 +1,11 @@
|
|
1
|
+
#
|
2
|
+
# Output domain name
|
3
|
+
#
|
4
|
+
require 'kumogata/template/helper'
|
5
|
+
|
6
|
+
_output "#{args[:name]} domain name domain",
|
7
|
+
ref_value: "#{args[:name]} domain name",
|
8
|
+
export: _export_string(args, "domain name")
|
9
|
+
_output "#{args[:name]} domain name distribution",
|
10
|
+
ref_value: [ "#{args[:name]} domain name", "DistributionDomainName" ],
|
11
|
+
export: _export_string(args, "domain name distribution")
|