python-layer-builder/template.yaml at main · peterjdavis/python-layer-builder · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
AWSTemplateFormatVersion: 2010-09-09
Transform: AWS::Serverless-2016-10-31
Description: Serverless Application for building python Lambda Layers in Lambda

Metadata:
  AWS::ServerlessRepo::Application:
    Name: python%layer-label%-layer-builder
    Author: Pete Davis
    Description: >
      Serverless Application for building python %python-version-desc% %architecture% Lambda Layers in Lambda
    SpdxLicenseId: Apache-2.0
    LicenseUrl: LICENSE
    ReadmeUrl: README.md
    Labels: ['layer', 'lambda', 'python']
    HomePageUrl: https://github.com/peterjdavis/python-layer-builder
    SemanticVersion: 1.0.7
    SourceCodeUrl: https://github.com/peterjdavis/python-layer-builder

Parameters:
  LayerName:
    Description: The name of the layer to be created
    Type: String

  LayerPackages:
    Description: The list of packages to be deployed using the same format as pip https://packaging.python.org/en/latest/tutorials/installing-packages/#use-pip-for-installing
    Type: String

Resources:
  LayerBuilderFunction:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: src/lambda/LayerBuilderFunction
      Handler: index.lambda_handler
      Runtime: python%python-version-desc%
      Architectures:
        - %architecture%
      MemorySize: 2048
      Timeout: 120
      Environment:
        Variables:
          LAYER_NAME: !Ref LayerName
          LAYER_PACKAGES: !Ref LayerPackages
          PYTHON_VERSION: python%python-version-desc%
          ARCHITECTURE: %architecture%
          TEMP_S3_BUCKET_NAME: !Sub
            - temp-bucket-${UniqueId}-${AWS::Region}-${AWS::AccountId}
            - UniqueId: !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]
      Policies:
        - Version: '2012-10-17'
          Statement:
            - Effect: Allow
              Action:
                - lambda:PublishLayerVersion
                - lambda:DeleteLayerVersion
                - lambda:ListLayerVersions
              Resource: '*'
            - Effect: Allow
              Action:
                - s3:CreateBucket
                - s3:DeleteBucket
              Resource: !Sub
                - arn:${AWS::Partition}:s3:::${BucketName}
                - BucketName: !Sub
                  - temp-bucket-${UniqueId}-${AWS::Region}-${AWS::AccountId}
                  - UniqueId: !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]
            - Effect: Allow
              Action:
                - s3:GetObject
                - s3:PutObject
                - s3:DeleteObject
              Resource: !Sub
                - arn:${AWS::Partition}:s3:::${BucketName}
                - BucketName: !Sub
                  - temp-bucket-${UniqueId}-${AWS::Region}-${AWS::AccountId}/*
                  - UniqueId: !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]

  LayerBuilderFunctionLogGroup:
    Type: AWS::Logs::LogGroup
    # DeletionPolicy: Delete
    Properties:
      LogGroupName: !Sub /aws/lambda/${LayerBuilderFunction}

  LayerBuilderVersionArn:
    Type: AWS::CloudFormation::CustomResource
    DependsOn: LayerBuilderFunctionLogGroup
    Properties:
      ServiceToken: !Sub ${LayerBuilderFunction.Arn}

Outputs:
  LayerVersionArn:
    Description: ARN for the layer version that has been created
    Value: !Sub ${LayerBuilderVersionArn.LayerVersionArn}