@@ -82,88 +82,3 @@ See the following section of the docs on details to write Custom Resources:
82
82
* [ Introduction] ( https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-custom-resources.html )
83
83
* [ Reference] ( https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/crpg-ref.html )
84
84
* [ Code Reference] ( https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html )
85
-
86
- #### AWS Custom Resource
87
- Sometimes a single API call can fill the gap in the CloudFormation coverage. In
88
- this case you can use the ` AwsCustomResource ` construct. This construct creates
89
- a custom resource that can be customized to make specific API calls for the
90
- ` CREATE ` , ` UPDATE ` and ` DELETE ` events. Additionally, data returned by the API
91
- call can be extracted and used in other constructs/resources (creating a real
92
- CloudFormation dependency using ` Fn::GetAtt ` under the hood).
93
-
94
- The physical id of the custom resource can be specified or derived from the data
95
- returned by the API call.
96
-
97
- The ` AwsCustomResource ` uses the AWS SDK for JavaScript. Services, actions and
98
- parameters can be found in the [ API documentation] ( https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/index.html ) .
99
-
100
- Path to data must be specified using a dot notation, e.g. to get the string value
101
- of the ` Title ` attribute for the first item returned by ` dynamodb.query ` it should
102
- be ` Items.0.Title.S ` .
103
-
104
- ##### Examples
105
- Verify a domain with SES:
106
-
107
- ``` ts
108
- const verifyDomainIdentity = new AwsCustomResource (this , ' VerifyDomainIdentity' , {
109
- onCreate: {
110
- service: ' SES' ,
111
- action: ' verifyDomainIdentity' ,
112
- parameters: {
113
- Domain: ' example.com'
114
- },
115
- physicalResourceIdPath: ' VerificationToken' // Use the token returned by the call as physical id
116
- }
117
- });
118
-
119
- new route53 .TxtRecord (zone , ' SESVerificationRecord' , {
120
- recordName: ` _amazonses.example.com ` ,
121
- recordValue: verifyDomainIdentity .getData (' VerificationToken' )
122
- });
123
- ```
124
-
125
- Get the latest version of a secure SSM parameter:
126
-
127
- ``` ts
128
- const getParameter = new AwsCustomResource (this , ' GetParameter' , {
129
- onUpdate: { // will also be called for a CREATE event
130
- service: ' SSM' ,
131
- action: ' getParameter' ,
132
- parameters: {
133
- Name: ' my-parameter' ,
134
- WithDecryption: true
135
- },
136
- physicalResourceId: Date .now ().toString () // Update physical id to always fetch the latest version
137
- }
138
- });
139
-
140
- // Use the value in another construct with
141
- getParameter .getData (' Parameter.Value' )
142
- ```
143
-
144
- IAM policy statements required to make the API calls are derived from the calls
145
- and allow by default the actions to be made on all resources (` * ` ). You can
146
- restrict the permissions by specifying your own list of statements with the
147
- ` policyStatements ` prop.
148
-
149
- Chained API calls can be achieved by creating dependencies:
150
- ``` ts
151
- const awsCustom1 = new AwsCustomResource (this , ' API1' , {
152
- onCreate: {
153
- service: ' ...' ,
154
- action: ' ...' ,
155
- physicalResourceId: ' ...'
156
- }
157
- });
158
-
159
- const awsCustom2 = new AwsCustomResource (this , ' API2' , {
160
- onCreate: {
161
- service: ' ...' ,
162
- action: ' ...'
163
- parameters : {
164
- text: awsCustom1 .getData (' Items.0.text' )
165
- },
166
- physicalResourceId: ' ...'
167
- }
168
- })
169
- ```
0 commit comments