[AWS CloudFormation] CloudFormationマクロを作成

### CloudFormationマクロとは
CloudFormationテンプレートの標準的な定義だけでは実現できない処理を、テンプレート内からLambda関数(マクロ)を呼び出すことで実現できるようにするCloudFormation拡張機能のこと

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
AWSTemplateFormatVersion: "2010-09-09"
Description:
  CloudFormation Macro Create
 
# ------------------------------------------------------------#
# Input Parameters
# ------------------------------------------------------------#
Parameters:
  CFnMacroName:
    Type: String
 
# ------------------------------------------------------------#
#  LambdaExecutionRole
# ------------------------------------------------------------#       
Resources:
  LambdaExecutionRole:
    Type: "AWS::IAM::Role"
    Properties:
      RoleName: !Sub "${CFnMacroName}-LambdaExecutionRole"
      Policies:
        - PolicyName: !Sub "${CFnMacroName}-LambdaExecutionRole-Policy"
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action:
                  - "logs:CreateLogGroup"
                  - "logs:CreateLogStream"
                  - "logs:PutLogEvents"
                Resource: "arn:aws:logs:*:*:*"
 
              - Effect: Allow
                Action:
                  - "ssm:PutParameter"
                Resource: "*"
 
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Sid: ""
            Effect: Allow
            Principal:
              Service: "lambda.amazonaws.com"
            Action: "sts:AssumeRole"
 
# ------------------------------------------------------------#
#  Lambda Function for CloudFormation Macro
#  example : generate random string(10) and register SSM
# ------------------------------------------------------------# 
  LambdaFunction:
    Type: "AWS::Lambda::Function"
    Properties:
      FunctionName: !Ref CFnMacroName
      Role: !GetAtt LambdaExecutionRole.Arn
      Handler: index.handler
 
      Code:
        ZipFile: !Sub |
          import boto3
          import string
          import random
 
          ssm = boto3.client('ssm')
 
          def handler(event, context):
            key = event['params']['Key']
            description = event['params']['Description']
            randomstr = ''.join(random.choices(string.ascii_letters + string.digits, k=10))
 
            ssm.put_parameter(
              Name=key,
              Value=randomstr,
              Type='SecureString',
              Description=description
            )
            return {'requestId': event['requestId'], 'status': 'success', 'fragment': randomstr}
 
      Runtime: "python3.6"
      MemorySize: 128
      Timeout: 5
 
# ------------------------------------------------------------#
#  CloudFormation Macro
# ------------------------------------------------------------# 
  CFnMacro:
    Type: "AWS::CloudFormation::Macro"
    Properties:
      FunctionName: !Ref LambdaFunction
      Name: !Ref CFnMacroName
      Description: !Ref CFnMacroName

index.pyが作られる

これは凄いな