Packages

import com.monsanto.arch.cloudformation.model._ import com.monsanto.arch.cloudformation.model.resource._ import com.monsanto.arch.cloudformation.model.simple.Builders._ object SimpleVPC extends VPCWriter { val ownerParameter = StringParameter( name = "Owner", Description = Some("Individual responsible for this template"), MinLength = Some(StringBackedInt(1)), MaxLength = Some(StringBackedInt(64)), AllowedPattern = Some("[-_ a-zA-Z0-9]*"), ConstraintDescription = Some("Can contain only alphanumeric characters, spaces, dashes and underscores.") ) val keyNameParameter = `AWS::EC2::KeyPair::KeyName_Parameter`( name = "KeyName", Description = Some("Name of an existing EC2 KeyPair to enable SSH access to the instances"), ConstraintDescription = Some("Value must be a valid AWS key pair name in your account.") ) val allowSSHFromParameter = CidrBlockParameter( name = "AllowSSHFrom", Description = Some("The net block (CIDR) that SSH is available to.") ) val simpleParameters = Seq( ownerParameter, keyNameParameter, allowSSHFromParameter ) val simpleConditions = Seq( Condition( name = "ShouldDisablePassword", function = `Fn::Equals`( a = ParameterRef(ownerParameter), b = StringToken("rms") ) ) ) val amazonLinuxAMIMapping = Mapping[AMIId]( "AmazonLinuxAMI", Map( "us-east-1" -> Map("AMI" -> AMIId("ami-1ecae776")), "us-west-1" -> Map("AMI" -> AMIId("ami-d114f295")), "us-west-2" -> Map("AMI" -> AMIId("ami-e7527ed7")), "eu-west-1" -> Map("AMI" -> AMIId("ami-a10897d6")), "ap-southeast-1" -> Map("AMI" -> AMIId("ami-68d8e93a")), "ap-southeast-2" -> Map("AMI" -> AMIId("ami-fd9cecc7")), "ap-northeast-1" -> Map("AMI" -> AMIId("ami-cbf90ecb")) ) ) val simpleMappings = Seq(amazonLinuxAMIMapping) val simpleResourceAndOutputs = withVpc(CidrBlock(10, 0, 0, 0, 16)) { implicit vpc => val (internetGatewayResource, gatewayToInternetResource) = withInternetGateway val publicRouteTable = withRouteTable("Public", 1) val publicRouteTableRoute = publicRouteTable.withRoute( visibility = "Public", routeTableOrdinal = 1, routeOrdinal = 1, connectionBobber = InternetGatewayRoute(ResourceRef(internetGatewayResource)) ) val gatewayStuff = Template.fromResource(internetGatewayResource) ++ gatewayToInternetResource ++ publicRouteTable ++ publicRouteTableRoute val withinAZ = withAZ("us-east-1a") { implicit az => withSubnet("PubSubnet1", CidrBlock(10, 0, 0, 1, 24)) { implicit pubSubnet => val bastionName = "bastion" val bastion = ec2( name = bastionName, InstanceType = "t2.micro", KeyName = ParameterRef(keyNameParameter), ImageId = `Fn::FindInMap`[AMIId](MappingRef(amazonLinuxAMIMapping), `AWS::Region`, "AMI"), SecurityGroupIds = Seq(), Tags = AmazonTag.fromName(bastionName), UserData = Some(`Fn::Base64`( `Fn::Join`("", Seq[Token[String]]( "#!/bin/bash -v\n", "yum update -y --security\n", "# EOF\n" ) ) )) ) val sshToBastion = ParameterRef(allowSSHFromParameter) ->- 22 ->- bastion Template.fromSecurityGroupRoutable(bastion) ++ bastion.map(_.withEIP("BastionEIP").andOutput("BastionEIP", "Bastion Host EIP")) ++ Template.collapse(sshToBastion) } } gatewayStuff ++ withinAZ } val simpleTemplate = simpleResourceAndOutputs ++ Template( AWSTemplateFormatVersion = Some("2010-09-09"), Description = Some("Simple template"), Parameters = Some(simpleParameters), Conditions = Some(simpleConditions), Mappings = Some(simpleMappings), Resources = Seq.empty, Outputs = None ) writeStaxModule("vpc-simple.json", simpleTemplate) } SimpleVPC

com.monsanto.arch.cloudformation.model.resource

AWS::Lambda::Permission

Companion object AWS::Lambda::Permission

case class AWS::Lambda::Permission(name: String, Action: String, FunctionName: Token[ResourceRef[AWS::Lambda::Function]], Principal: Token[String], EventSourceToken: Option[Token[String]] = None, SourceAccount: Option[Token[String]] = None, SourceArn: Option[Token[String]] = None, DependsOn: Option[Seq[String]] = None, Condition: Option[ConditionRef] = None) extends Resource[AWS::Lambda::Permission] with Product with Serializable

The AWS::Lambda::Permission resource associates a policy statement with a specific AWS Lambda (Lambda) function's access policy. The function policy grants a specific AWS service or application permission to invoke the function.

name: CloudFormation logical name
Action: The Lambda actions that you want to allow in this statement. For example, you can specify lambda:CreateFunction to specify a certain action, or use a wildcard (lambda:*) to grant permission to all Lambda actions.
FunctionName: The name (physical ID), Amazon Resource Name (ARN), or alias ARN of the Lambda function that you want to associate with this statement. Lambda adds this statement to the function's access policy.
Principal: The entity for which you are granting permission to invoke the Lambda function. This entity can be any valid AWS service principal, such as s3.amazonaws.com or sns.amazonaws.com, or, if you are granting cross-account permission, an AWS account ID. For example, you might want to allow a custom application in another AWS account to push events to Lambda by invoking your function.
EventSourceToken: A unique token that must be supplied by the principal invoking the function.
SourceAccount: The AWS account ID (without hyphens) of the source owner. For example, if you specify an S3 bucket in the SourceArn property, this value is the bucket owner's account ID. You can use this property to ensure that all source principals are owned by a specific account.
SourceArn: The ARN of a resource that is invoking your function. When granting Amazon Simple Storage Service (Amazon S3) permission to invoke your function, specify this property with the bucket ARN as its value. This ensures that events generated only from the specified bucket, not just any bucket from any AWS account that creates a mapping to your function, can invoke the function.
DependsOn: Declare dependencies for resources that must be created or deleted in a specific order.
Condition: Define conditions by using the intrinsic condition functions. These conditions determine when AWS CloudFormation creates the associated resources.

Linear Supertypes

Serializable, Serializable, Product, Equals, Resource[AWS::Lambda::Permission], AnyRef, Any

Ordering

Alphabetic
By Inheritance

Inherited

AWS::Lambda::Permission
Serializable
Serializable
Product
Equals
Resource
AnyRef
Any

Hide All
Show All

Visibility

Public
All

Instance Constructors

new AWS::Lambda::Permission(name: String, Action: String, FunctionName: Token[ResourceRef[AWS::Lambda::Function]], Principal: Token[String], EventSourceToken: Option[Token[String]] = None, SourceAccount: Option[Token[String]] = None, SourceArn: Option[Token[String]] = None, DependsOn: Option[Seq[String]] = None, Condition: Option[ConditionRef] = None)
name
CloudFormation logical name
Action
The Lambda actions that you want to allow in this statement. For example, you can specify lambda:CreateFunction to specify a certain action, or use a wildcard (lambda:*) to grant permission to all Lambda actions.
FunctionName
The name (physical ID), Amazon Resource Name (ARN), or alias ARN of the Lambda function that you want to associate with this statement. Lambda adds this statement to the function's access policy.
Principal
The entity for which you are granting permission to invoke the Lambda function. This entity can be any valid AWS service principal, such as s3.amazonaws.com or sns.amazonaws.com, or, if you are granting cross-account permission, an AWS account ID. For example, you might want to allow a custom application in another AWS account to push events to Lambda by invoking your function.
EventSourceToken
A unique token that must be supplied by the principal invoking the function.
SourceAccount
The AWS account ID (without hyphens) of the source owner. For example, if you specify an S3 bucket in the SourceArn property, this value is the bucket owner's account ID. You can use this property to ensure that all source principals are owned by a specific account.
SourceArn
The ARN of a resource that is invoking your function. When granting Amazon Simple Storage Service (Amazon S3) permission to invoke your function, specify this property with the bucket ARN as its value. This ensures that events generated only from the specified bucket, not just any bucket from any AWS account that creates a mapping to your function, can invoke the function.
DependsOn
Declare dependencies for resources that must be created or deleted in a specific order.
Condition
Define conditions by using the intrinsic condition functions. These conditions determine when AWS CloudFormation creates the associated resources.

Type Members

type RR = Resource[AWS::Lambda::Permission]

Definition Classes
Resource

Value Members

final def !=(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def ##(): Int

Definition Classes
AnyRef → Any
final def ==(arg0: Any): Boolean

Definition Classes
AnyRef → Any
val Action: String
val Condition: Option[ConditionRef]

Definition Classes
AWS::Lambda::Permission → Resource
val DeletionPolicy: Option[DeletionPolicy]

Definition Classes
Resource
val DependsOn: Option[Seq[String]]

Definition Classes
AWS::Lambda::Permission → Resource
val EventSourceToken: Option[Token[String]]
val FunctionName: Token[ResourceRef[AWS::Lambda::Function]]
val Principal: Token[String]
val ResourceType: String

Definition Classes
Resource
val SourceAccount: Option[Token[String]]
val SourceArn: Option[Token[String]]
final def asInstanceOf[T0]: T0

Definition Classes
Any
def clone(): AnyRef

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@native() @throws( ... )
final def eq(arg0: AnyRef): Boolean

Definition Classes
AnyRef
def finalize(): Unit

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( classOf[java.lang.Throwable] )
final def getClass(): Class[_]

Definition Classes
AnyRef → Any
Annotations
@native()
final def isInstanceOf[T0]: Boolean

Definition Classes
Any
val name: String

Definition Classes
AWS::Lambda::Permission → Resource
final def ne(arg0: AnyRef): Boolean

Definition Classes
AnyRef
final def notify(): Unit

Definition Classes
AnyRef
Annotations
@native()
final def notifyAll(): Unit

Definition Classes
AnyRef
Annotations
@native()
final def synchronized[T0](arg0: ⇒ T0): T0

Definition Classes
AnyRef
final def wait(): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long, arg1: Int): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long): Unit

Definition Classes
AnyRef
Annotations
@native() @throws( ... )
def when(newCondition: Option[ConditionRef] = Condition): AWS::Lambda::Permission

Definition Classes
AWS::Lambda::Permission → Resource

Packages

AWS::Lambda::Permission

Companion object AWS::Lambda::Permission

Instance Constructors

Type Members

Value Members

Inherited from Serializable

Inherited from Serializable

Inherited from Product

Inherited from Equals

Inherited from Resource[AWS::Lambda::Permission]

Inherited from AnyRef

Inherited from Any

Ungrouped

Packages

AWS::Lambda::Permission 

Companion object AWS::Lambda::Permission

Instance Constructors

Type Members

Value Members

Inherited from Serializable

Inherited from Serializable

Inherited from Product

Inherited from Equals

Inherited from Resource[AWS::Lambda::Permission]

Inherited from AnyRef

Inherited from Any

Ungrouped

AWS::Lambda::Permission