Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Stackset Resource #6

Merged
merged 20 commits into from
May 30, 2020
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 20 additions & 0 deletions aws-cloudformation-stackset/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# macOS
.DS_Store
._*

# Maven outputs
.classpath

# IntelliJ
*.iml
.idea
out.java
out/
.settings
.project

# auto-generated files
target/

# our logs
rpdk.log
16 changes: 16 additions & 0 deletions aws-cloudformation-stackset/.rpdk-config
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"typeName": "AWS::CloudFormation::StackSet",
"language": "java",
"runtime": "java8",
"entrypoint": "software.amazon.cloudformation.stackset.HandlerWrapper::handleRequest",
"testEntrypoint": "software.amazon.cloudformation.stackset.HandlerWrapper::testEntrypoint",
"settings": {
"namespace": [
"software",
"amazon",
"cloudformation",
"stackset"
],
"codegen_template_path": "guided_aws"
}
}
12 changes: 12 additions & 0 deletions aws-cloudformation-stackset/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# AWS::CloudFormation::StackSet

Congratulations on starting development! Next steps:

1. Write the JSON schema describing your resource, `aws-cloudformation-stackset.json`
1. Implement your resource handlers.

The RPDK will automatically generate the correct resource model from the schema whenever the project is built via Maven. You can also do this manually with the following command: `cfn generate`.

> Please don't modify files under `target/generated-sources/rpdk`, as they will be automatically overwritten.

The code uses [Lombok](https://projectlombok.org/), and [you may have to install IDE integrations](https://projectlombok.org/) to enable auto-complete for Lombok-annotated classes.
301 changes: 301 additions & 0 deletions aws-cloudformation-stackset/aws-cloudformation-stackset.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,301 @@
{
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
"typeName": "AWS::CloudFormation::StackSet",
"description": "Resource Type definition for AWS::CloudFormation::StackSet",
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-cloudformation.git",
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
"definitions": {
"Tag": {
"description": "Tag type enables you to specify a key-value pair that can be used to store information about an AWS CloudFormation StackSet.",
"type": "object",
"properties": {
"Key": {
"description": "A string used to identify this tag. You can specify a maximum of 128 characters for a tag key.",
"type": "string",
"minLength": 1,
"maxLength": 128,
"pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$"
},
"Value": {
"description": "A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value.",
"type": "string",
"minLength": 1,
"maxLength": 256
}
},
"required": [
"Value",
"Key"
]
},
"AutoDeployment": {
"type": "object",
"properties": {
"Enabled": {
"description": "If set to true, StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.",
"type": "boolean"
},
"RetainStacksOnAccountRemoval": {
"description": "If set to true, stack resources are retained when an account is removed from a target organization or OU. If set to false, stack resources are deleted. Specify only if Enabled is set to True.",
"type": "boolean"
}
},
"additionalProperties": false
},
"Account": {
"description": "AWS account that you want to create stack instances in the specified Region(s) for.",
"type": "string",
"pattern": "^[0-9]{12}$"
},
"Region": {
"type": "string",
"pattern": "^[a-zA-Z0-9-]{1,128}$"
},
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
"OrganizationalUnitId": {
"type": "string",
"pattern": "^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$"
},
"Capability": {
"type": "string",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be an array of the capabilities.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, capabilities should be an array. This is the Capability in definitions which will be referenced in Capabilities in properties.

"enum": [
"CAPABILITY_IAM",
"CAPABILITY_NAMED_IAM",
"CAPABILITY_AUTO_EXPAND"
]
},
"Parameter": {
"type": "object",
"properties": {
"ParameterKey": {
"description": "The key associated with the parameter. If you don't specify a key and value for a particular parameter, AWS CloudFormation uses the default value that is specified in your template.",
"type": "string"
},
"ParameterValue": {
"description": "The input value associated with the parameter.",
"type": "string"
}
},
"additionalProperties": false
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
},
"StackInstances": {
"description": "Stack instances in some specific accounts and Regions.",
"type": "object",
"properties": {
"DeploymentTargets": {
"description": " The AWS OrganizationalUnitIds or Accounts for which to create stack instances in the specified Regions.",
"type": "object",
"properties": {
"Accounts": {
"description": "AWS accounts that you want to create stack instances in the specified Region(s) for.",
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
"type": "array",
"uniqueItems": true,
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Account"
}
},
"OrganizationalUnitIds": {
"description": "The organization root ID or organizational unit (OU) IDs to which StackSets deploys.",
"type": "array",
"uniqueItems": true,
"insertionOrder": false,
"items": {
"$ref": "#/definitions/OrganizationalUnitId"
}
}
}
},
"Regions": {
"description": "The names of one or more Regions where you want to create stack instances using the specified AWS account(s).",
"type": "array",
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
"uniqueItems": true,
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Region"
}
},
"ParameterOverrides": {
"description": "A list of stack set parameters whose values you want to override in the selected stack instances.",
"type": "array",
"uniqueItems": true,
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Parameter"
}
}
},
"required": [
"DeploymentTargets",
"Regions"
]
}
},
"properties": {
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
"StackSetId": {
"description": "The ID of the stack set that you're creating.",
"type": "string"
},
"AdministrationRoleARN": {
"description": "The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account.",
"type": "string",
"minLength": 20,
"maxLength": 2048
},
"AutoDeployment": {
"description": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to the target organization or organizational unit (OU). Specify only if PermissionModel is SERVICE_MANAGED.",
"$ref": "#/definitions/AutoDeployment"
},
"Capabilities": {
"description": "In some cases, you must explicitly acknowledge that your stack set template contains certain capabilities in order for AWS CloudFormation to create the stack set and related stack instances.",
"type": "array",
"uniqueItems": true,
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Capability"
}
},
"Description": {
"description": "A description of the stack set. You can use the description to identify the stack set's purpose or other important information.",
"type": "string",
"minLength": 1,
"maxLength": 1024
},
"ExecutionRoleName": {
"description": "The name of the IAM execution role to use to create the stack set. If you do not specify an execution role, AWS CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation.",
"type": "string",
"minLength": 1,
"maxLength": 64
},
"OperationPreferences": {
"description": "The user-specified preferences for how AWS CloudFormation performs a stack set operation.",
"type": "object",
"properties": {
"FailureToleranceCount": {
"type": "integer",
"minimum": 0
},
"FailureTolerancePercentage": {
"type": "integer",
"minimum": 0,
"maximum": 100
},
"MaxConcurrentCount": {
"type": "integer",
"minimum": 1
},
"MaxConcurrentPercentage": {
"type": "integer",
"minimum": 0,
"maximum": 100
},
"RegionOrder": {
"type": "array",
"items": {
"$ref": "#/definitions/Region"
}
}
}
},
"StackInstancesGroup": {
"description": "",
"type": "array",
"uniqueItems": true,
"insertionOrder": false,
"items": {
"$ref": "#/definitions/StackInstances"
}
},
"Parameters": {
"description": "The input parameters for the stack set template.",
"type": "array",
"uniqueItems": true,
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Parameter"
}
},
"PermissionModel": {
"description": "Describes how the IAM roles required for stack set operations are created. By default, SELF-MANAGED is specified.",
"type": "string",
"enum": [
"SERVICE_MANAGED",
"SELF_MANAGED"
]
},
"Tags": {
"description": "The key-value pairs to associate with this stack set and the stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the stacks. A maximum number of 50 tags can be specified.",
"type": "array",
"uniqueItems": true,
"insertionOrder": false,
"maxItems": 50,
"items": {
"$ref": "#/definitions/Tag"
}
},
"TemplateBody": {
"description": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.",
"type": "string",
"minLength": 1,
"maxLength": 51200
},
"TemplateURL": {
"description": "Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that is located in an Amazon S3 bucket.",
"type": "string",
"minLength": 1,
"maxLength": 1024
}
},
"required": [
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
"PermissionModel"
],
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
"additionalProperties": false,
"createOnlyProperties": [
"/properties/PermissionModel"
],
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
"writeOnlyProperties": [
"/properties/TemplateURL",
"/properties/OperationPreferences"
],
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
"readOnlyProperties": [
"/properties/StackSetId"
xiwhuang marked this conversation as resolved.
Show resolved Hide resolved
],
"primaryIdentifier": [
"/properties/StackSetId"
],
"handlers": {
"create": {
"permissions": [
"s3:GetObject",
"cloudformation:CreateStackSet",
"cloudformation:CreateStackInstances",
"cloudformation:DescribeStackSetOperation"
]
},
"read": {
"permissions": [
"cloudformation:DescribeStackSet",
"cloudformation:CreateStackInstances",
"cloudformation:DescribeStackInstances"
]
},
"update": {
"permissions": [
"s3:GetObject",
"cloudformation:UpdateStackSet",
"cloudformation:CreateStackInstances",
"cloudformation:DeleteStackInstances",
"cloudformation:DescribeStackSetOperation"
]
},
"delete": {
"permissions": [
"cloudformation:DeleteStackSet",
"cloudformation:DeleteStackInstances",
"cloudformation:DescribeStackSetOperation"
]
},
"list": {
"permissions": [
"cloudformation:ListStackSets"
]
}
}
}
1 change: 1 addition & 0 deletions aws-cloudformation-stackset/lombok.config
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
lombok.addLombokGeneratedAnnotation = true
Loading