Provides a function to use arbitrary JSON variables in CloudFormation, by simply taking input Properties
on the Resource
(omitting ServiceToken) and returning them in new Buffer(JSON.stringify(Properties)).toString('base64')
form. You can use this to quickly add reusability to your template Resource
definitions.
CloudFormation converts all primitives to String representations, account for this.
Natively supported by cfn-lambda
's ability to use __default__
expansion in JSON Properties
objects (documented here)
This package on NPM
This package on GitHub
This Lambda makes use of the Lambda-Backed CloudFormation Custom Resource flow module, cfn-lambda
(GitHub / NPM).
See ./example.template.json
for a sample CloudFormation template. The example uses Condition
statements, Parameters
, and dynamic ServiceToken
generation fully.
"VariableLogicalIdInResourcesObject": {
"Type": "Type": "Custom::Variable",
"Properties": {
"ServiceToken": "arn:aws:lambda:<cfn-region-id>:<your-account-id>:function:<this-deployed-lambda-name>",
"VariableValue": { // Arbitrary JSON or String or Number or Array
"FooProperty": {...},
"BarProperty": "can by anything"
}
}
}
CloudFormation converts all primitives to String representations, account for this.
To reference the base64(JSON.stringify(Properties))
value, use "Fn::GetAtt":
{
"Fn::GetAtt": [
"MyVariableResource",
"Value"
]
}
Ref
simply returns the SHA256(JSON.stringify(Properties))
, and is used to make sure the template knows when to propagate value changes.
The way that takes 10 seconds...
# Have aws CLI installed + permissions for IAM and Lamdba
$ npm run cfn-lambda-deploy
You will have this resource installed in every supported Region globally!
... And the way more difficult way.
IMPORTANT: With this method, you must install this custom service Lambda in each AWS Region in which you want CloudFormation to be able to access the Variable
custom resource!
- Go to the AWS Lambda Console Create Function view:
-
Zip this repository into
/tmp/Variable.zip
$ cd $REPO_ROOT && zip -r /tmp/Variable.zip;
-
Enter a name in the Name blank. I suggest:
CfnLambdaResouce-Variable
-
Enter a Description (optional).
-
Toggle Code Entry Type to "Upload a .ZIP file"
-
Click "Upload", navigate to and select
/tmp/Variable.zip
-
Set the Timeout under Advanced Settings to 10 sec
-
Click the Role dropdown then click "Basic Execution Role". This will pop out a new window.
-
Select IAM Role, then select option "Create a new IAM Role"
-
Name the role
lambda_cfn_api_gateway_resource
(or something descriptive) -
Click "View Policy Document", click "Edit" on the right, then hit "OK"
-
Copy and paste the
./execution-policy.json
document. -
Hit "Allow". The window will close. Go back to the first window if you are not already there.
-
Click "Create Function". Finally, done! Now go to Usage or see the example template. Next time, stick to the instant deploy script.
Submit pull requests or Tweet @ayetempleton if you want to get involved with roadmap as well, or if you want to do this for a living :)
Work is (extremely) active, published here:
Andrew's NPM Account