diff --git a/samtranslator/model/eventsources/push.py b/samtranslator/model/eventsources/push.py index 7320d82ba..096aa3e69 100644 --- a/samtranslator/model/eventsources/push.py +++ b/samtranslator/model/eventsources/push.py @@ -36,7 +36,7 @@ class PushEventSource(ResourceMacro): """ principal = None - def _construct_permission(self, function, source_arn=None, source_account=None, suffix=""): + def _construct_permission(self, function, source_arn=None, source_account=None, suffix="", event_source_token=None): """Constructs the Lambda Permission resource allowing the source service to invoke the function this event source triggers. @@ -56,6 +56,7 @@ def _construct_permission(self, function, source_arn=None, source_account=None, lambda_permission.Principal = self.principal lambda_permission.SourceArn = source_arn lambda_permission.SourceAccount = source_account + lambda_permission.EventSourceToken = event_source_token return lambda_permission @@ -477,7 +478,9 @@ class AlexaSkill(PushEventSource): resource_type = 'AlexaSkill' principal = 'alexa-appkit.amazon.com' - property_types = {} + property_types = { + 'SkillId': PropertyType(False, is_str()), + } def to_cloudformation(self, **kwargs): function = kwargs.get('function') @@ -486,7 +489,7 @@ def to_cloudformation(self, **kwargs): raise TypeError("Missing required keyword argument: function") resources = [] - resources.append(self._construct_permission(function)) + resources.append(self._construct_permission(function, event_source_token=self.SkillId)) return resources diff --git a/samtranslator/model/lambda_.py b/samtranslator/model/lambda_.py index bf0fe6b12..6b7f4e5cb 100644 --- a/samtranslator/model/lambda_.py +++ b/samtranslator/model/lambda_.py @@ -75,5 +75,6 @@ class LambdaPermission(Resource): 'FunctionName': PropertyType(True, is_str()), 'Principal': PropertyType(True, is_str()), 'SourceAccount': PropertyType(False, is_str()), - 'SourceArn': PropertyType(False, is_str()) + 'SourceArn': PropertyType(False, is_str()), + 'EventSourceToken': PropertyType(False, is_str()) } diff --git a/tests/translator/input/alexa_skill_with_skill_id.yaml b/tests/translator/input/alexa_skill_with_skill_id.yaml new file mode 100644 index 000000000..1714edb46 --- /dev/null +++ b/tests/translator/input/alexa_skill_with_skill_id.yaml @@ -0,0 +1,20 @@ +# File: sam.yml +# Version: 0.9 + +AWSTemplateFormatVersion: '2010-09-09' +Parameters: {} +Resources: + AlexaSkillFunc: + Type: AWS::Serverless::Function + Properties: + CodeUri: s3://sam-demo-bucket/hello.zip + Description: Created by SAM + Events: + AlexaSkillEvent: + Type: AlexaSkill + Properties: + SkillId: amzn1.ask.skill.12345678-1234-1234-1234-123456789 + Handler: index.handler + MemorySize: 1024 + Runtime: nodejs4.3 + Timeout: 3 diff --git a/tests/translator/output/alexa_skill_with_skill_id.json b/tests/translator/output/alexa_skill_with_skill_id.json new file mode 100644 index 000000000..b630d62f7 --- /dev/null +++ b/tests/translator/output/alexa_skill_with_skill_id.json @@ -0,0 +1,67 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Parameters": {}, + "Resources": { + "AlexaSkillFuncRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "ManagedPolicyArns": [ + "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + } + } + }, + "AlexaSkillFuncAlexaSkillEventPermission": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:invokeFunction", + "FunctionName": { + "Ref": "AlexaSkillFunc" + }, + "Principal": "alexa-appkit.amazon.com", + "EventSourceToken": "amzn1.ask.skill.12345678-1234-1234-1234-123456789" + } + }, + "AlexaSkillFunc": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "hello.zip" + }, + "Description": "Created by SAM", + "Tags": [ + { + "Value": "SAM", + "Key": "lambda:createdBy" + } + ], + "MemorySize": 1024, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "AlexaSkillFuncRole", + "Arn" + ] + }, + "Timeout": 3, + "Runtime": "nodejs4.3" + } + } + } + } \ No newline at end of file diff --git a/tests/translator/output/aws-cn/alexa_skill_with_skill_id.json b/tests/translator/output/aws-cn/alexa_skill_with_skill_id.json new file mode 100644 index 000000000..5a85f36d1 --- /dev/null +++ b/tests/translator/output/aws-cn/alexa_skill_with_skill_id.json @@ -0,0 +1,67 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Parameters": {}, + "Resources": { + "AlexaSkillFuncRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "ManagedPolicyArns": [ + "arn:aws-cn:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + } + } + }, + "AlexaSkillFuncAlexaSkillEventPermission": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:invokeFunction", + "FunctionName": { + "Ref": "AlexaSkillFunc" + }, + "Principal": "alexa-appkit.amazon.com", + "EventSourceToken": "amzn1.ask.skill.12345678-1234-1234-1234-123456789" + } + }, + "AlexaSkillFunc": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "hello.zip" + }, + "Description": "Created by SAM", + "Tags": [ + { + "Value": "SAM", + "Key": "lambda:createdBy" + } + ], + "MemorySize": 1024, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "AlexaSkillFuncRole", + "Arn" + ] + }, + "Timeout": 3, + "Runtime": "nodejs4.3" + } + } + } + } \ No newline at end of file diff --git a/tests/translator/output/aws-us-gov/alexa_skill_with_skill_id.json b/tests/translator/output/aws-us-gov/alexa_skill_with_skill_id.json new file mode 100644 index 000000000..659f83c42 --- /dev/null +++ b/tests/translator/output/aws-us-gov/alexa_skill_with_skill_id.json @@ -0,0 +1,67 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Parameters": {}, + "Resources": { + "AlexaSkillFuncRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "ManagedPolicyArns": [ + "arn:aws-us-gov:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + } + } + }, + "AlexaSkillFuncAlexaSkillEventPermission": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:invokeFunction", + "FunctionName": { + "Ref": "AlexaSkillFunc" + }, + "Principal": "alexa-appkit.amazon.com", + "EventSourceToken": "amzn1.ask.skill.12345678-1234-1234-1234-123456789" + } + }, + "AlexaSkillFunc": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "hello.zip" + }, + "Description": "Created by SAM", + "Tags": [ + { + "Value": "SAM", + "Key": "lambda:createdBy" + } + ], + "MemorySize": 1024, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "AlexaSkillFuncRole", + "Arn" + ] + }, + "Timeout": 3, + "Runtime": "nodejs4.3" + } + } + } + } \ No newline at end of file diff --git a/tests/translator/test_translator.py b/tests/translator/test_translator.py index ca5619741..ea1efa159 100644 --- a/tests/translator/test_translator.py +++ b/tests/translator/test_translator.py @@ -125,6 +125,7 @@ class TestTranslatorEndToEnd(TestCase): 'sns_existing_other_subscription', 'sns_topic_outside_template', 'alexa_skill', + 'alexa_skill_with_skill_id', 'iot_rule', 'function_managed_inline_policy', 'unsupported_resources',