Skip to content

Commit

Permalink
Merge pull request #1625 from awslabs/release-1-25-0
Browse files Browse the repository at this point in the history 
Release Changes for 1.25.0
  • Loading branch information
@awood45
awood45 committed Jun 16, 2020
2 parents d17bc09 + b98e69c commit 85501ac
Show file tree
Hide file tree
Showing 11 changed files with 452 additions and 3 deletions.
2 changes: 1 addition & 1 deletion samtranslator/__init__.py
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
__version__ = "1.24.0"
__version__ = "1.25.0"
1 change: 1 addition & 0 deletions samtranslator/model/lambda_.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ class LambdaFunction(Resource):
"KmsKeyArn": PropertyType(False, one_of(is_type(dict), is_str())),
"Layers": PropertyType(False, list_of(one_of(is_str(), is_type(dict)))),
"ReservedConcurrentExecutions": PropertyType(False, any_type()),
"FileSystemConfigs": PropertyType(False, list_of(is_type(dict))),
}

runtime_attrs = {"name": lambda self: ref(self.logical_id), "arn": lambda self: fnGetAtt(self.logical_id, "Arn")}
Expand Down
2 changes: 2 additions & 0 deletions samtranslator/model/sam_resources.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,7 @@ class SamFunction(SamResourceMacro):
"AutoPublishCodeSha256": PropertyType(False, one_of(is_str())),
"VersionDescription": PropertyType(False, is_str()),
"ProvisionedConcurrencyConfig": PropertyType(False, is_type(dict)),
"FileSystemConfigs": PropertyType(False, list_of(is_type(dict))),
}
event_resolver = ResourceTypeResolver(
samtranslator.model.eventsources,
Expand Down Expand Up @@ -404,6 +405,7 @@ def _construct_lambda_function(self):
lambda_function.ReservedConcurrentExecutions = self.ReservedConcurrentExecutions
lambda_function.Tags = self._construct_tag_list(self.Tags)
lambda_function.Layers = self.Layers
lambda_function.FileSystemConfigs = self.FileSystemConfigs

if self.Tracing:
lambda_function.TracingConfig = {"Mode": self.Tracing}
Expand Down
1 change: 1 addition & 0 deletions samtranslator/plugins/globals/globals.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ class Globals(object):
"ProvisionedConcurrencyConfig",
"AssumeRolePolicyDocument",
"EventInvokeConfig",
"FileSystemConfigs",
],
# Everything except
# DefinitionBody: because its hard to reason about merge of Swagger dictionaries
Expand Down
46 changes: 46 additions & 0 deletions samtranslator/policy_templates_data/policy_templates.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2260,6 +2260,52 @@
}
]
}
},
"EFSWriteAccessPolicy": {
"Description": "Gives permission to mount an Elastic File System with write access",
"Parameters": {
"FileSystem": {
"Description": "Resource ID of the Elastic File System"
},
"AccessPoint": {
"Description": "Resource ID of the Elastic File System Access Point"
}
},
"Definition": {
"Statement": [
{
"Effect": "Allow",
"Action": [
"elasticfilesystem:ClientMount",
"elasticfilesystem:ClientWrite"
],
"Resource": {
"Fn::Sub": [
"arn:${AWS::Partition}:elasticfilesystem:${AWS::Region}:${AWS::AccountId}:file-system/${FileSystem}",
{
"FileSystem": {
"Ref": "FileSystem"
}
}
]
},
"Condition": {
"StringEquals": {
"elasticfilesystem:AccessPointArn": {
"Fn::Sub": [
"arn:${AWS::Partition}:elasticfilesystem:${AWS::Region}:${AWS::AccountId}:access-point/${AccessPoint}",
{
"AccessPoint": {
"Ref": "AccessPoint"
}
}
]
}
}
}
}
]
}
}
}
}
53 changes: 53 additions & 0 deletions tests/translator/input/function_with_file_system_config.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
Description: SAM + Lambda + EFS

Parameters:
ExistingEfsFileSystem:
Type: String

SecurityGroupIds:
Type: List<AWS::EC2::SecurityGroup::Id>
Description: Security Group IDs that Lambda will use

VpcSubnetIds:
Type: List<AWS::EC2::Subnet::Id>
Description: VPC Subnet IDs that Lambda will use

Resources:
EfsFileSystem:
Type: AWS::EFS::FileSystem

MountTarget:
Type: AWS::EFS::MountTarget
Properties:
FileSystemId: !Ref EfsFileSystem
SubnetId: subnet-abc123
SecurityGroups: !Ref SecurityGroupIds

AccessPoint:
Type: AWS::EFS::AccessPoint
Properties:
FileSystemId: !Ref EfsFileSystem

LambdaFunctionWithEfs:
Type: AWS::Serverless::Function
Properties:
InlineCode: |
const fs = require('fs')
const path = require('path')
const efsMountPath = '/mnt/efs'
exports.handler = async (event, context, callback) => {
const directory = path.join(efsMountPath, event.body)
const files = fs.readdirSync(directory)
return files
}
Handler: index.handler
MemorySize: 128
Runtime: nodejs12.x
Timeout: 3
VpcConfig:
SecurityGroupIds: !Ref SecurityGroupIds
SubnetIds: !Ref VpcSubnetIds
FileSystemConfigs:
- Arn: !GetAtt AccessPoint.Arn
LocalMountPath: /mnt/EFS
115 changes: 115 additions & 0 deletions tests/translator/output/aws-cn/function_with_file_system_config.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,115 @@
{
"Resources": {
"EfsFileSystem": {
"Type": "AWS::EFS::FileSystem"
},
"LambdaFunctionWithEfs": {
"Type": "AWS::Lambda::Function",
"Properties": {
"Code": {
"ZipFile": "const fs = require('fs')\nconst path = require('path')\nconst efsMountPath = '/mnt/efs'\n\nexports.handler = async (event, context, callback) => {\nconst directory = path.join(efsMountPath, event.body)\nconst files = fs.readdirSync(directory)\nreturn files\n}\n"
},
"VpcConfig": {
"SubnetIds": {
"Ref": "VpcSubnetIds"
},
"SecurityGroupIds": {
"Ref": "SecurityGroupIds"
}
},
"Tags": [
{
"Value": "SAM",
"Key": "lambda:createdBy"
}
],
"MemorySize": 128,
"Handler": "index.handler",
"Role": {
"Fn::GetAtt": [
"LambdaFunctionWithEfsRole",
"Arn"
]
},
"Timeout": 3,
"FileSystemConfigs": [
{
"Arn": {
"Fn::GetAtt": [
"AccessPoint",
"Arn"
]
},
"LocalMountPath": "/mnt/EFS"
}
],
"Runtime": "nodejs12.x"
}
},
"MountTarget": {
"Type": "AWS::EFS::MountTarget",
"Properties": {
"SubnetId": "subnet-abc123",
"FileSystemId": {
"Ref": "EfsFileSystem"
},
"SecurityGroups": {
"Ref": "SecurityGroupIds"
}
}
},
"LambdaFunctionWithEfsRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"sts:AssumeRole"
],
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com"
]
}
}
]
},
"ManagedPolicyArns": [
"arn:aws-cn:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
"arn:aws-cn:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
],
"Tags": [
{
"Value": "SAM",
"Key": "lambda:createdBy"
}
]
}
},
"AccessPoint": {
"Type": "AWS::EFS::AccessPoint",
"Properties": {
"FileSystemId": {
"Ref": "EfsFileSystem"
}
}
}
},
"Description": "SAM + Lambda + EFS",
"Parameters": {
"ExistingEfsFileSystem": {
"Type": "String"
},
"VpcSubnetIds": {
"Type": "List<AWS::EC2::Subnet::Id>",
"Description": "VPC Subnet IDs that Lambda will use"
},
"SecurityGroupIds": {
"Type": "List<AWS::EC2::SecurityGroup::Id>",
"Description": "Security Group IDs that Lambda will use"
}
}
}
115 changes: 115 additions & 0 deletions tests/translator/output/aws-us-gov/function_with_file_system_config.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,115 @@
{
"Resources": {
"EfsFileSystem": {
"Type": "AWS::EFS::FileSystem"
},
"LambdaFunctionWithEfs": {
"Type": "AWS::Lambda::Function",
"Properties": {
"Code": {
"ZipFile": "const fs = require('fs')\nconst path = require('path')\nconst efsMountPath = '/mnt/efs'\n\nexports.handler = async (event, context, callback) => {\nconst directory = path.join(efsMountPath, event.body)\nconst files = fs.readdirSync(directory)\nreturn files\n}\n"
},
"VpcConfig": {
"SubnetIds": {
"Ref": "VpcSubnetIds"
},
"SecurityGroupIds": {
"Ref": "SecurityGroupIds"
}
},
"Tags": [
{
"Value": "SAM",
"Key": "lambda:createdBy"
}
],
"MemorySize": 128,
"Handler": "index.handler",
"Role": {
"Fn::GetAtt": [
"LambdaFunctionWithEfsRole",
"Arn"
]
},
"Timeout": 3,
"FileSystemConfigs": [
{
"Arn": {
"Fn::GetAtt": [
"AccessPoint",
"Arn"
]
},
"LocalMountPath": "/mnt/EFS"
}
],
"Runtime": "nodejs12.x"
}
},
"MountTarget": {
"Type": "AWS::EFS::MountTarget",
"Properties": {
"SubnetId": "subnet-abc123",
"FileSystemId": {
"Ref": "EfsFileSystem"
},
"SecurityGroups": {
"Ref": "SecurityGroupIds"
}
}
},
"LambdaFunctionWithEfsRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"sts:AssumeRole"
],
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com"
]
}
}
]
},
"ManagedPolicyArns": [
"arn:aws-us-gov:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
"arn:aws-us-gov:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
],
"Tags": [
{
"Value": "SAM",
"Key": "lambda:createdBy"
}
]
}
},
"AccessPoint": {
"Type": "AWS::EFS::AccessPoint",
"Properties": {
"FileSystemId": {
"Ref": "EfsFileSystem"
}
}
}
},
"Description": "SAM + Lambda + EFS",
"Parameters": {
"ExistingEfsFileSystem": {
"Type": "String"
},
"VpcSubnetIds": {
"Type": "List<AWS::EC2::Subnet::Id>",
"Description": "VPC Subnet IDs that Lambda will use"
},
"SecurityGroupIds": {
"Type": "List<AWS::EC2::SecurityGroup::Id>",
"Description": "Security Group IDs that Lambda will use"
}
}
}
4 changes: 2 additions & 2 deletions tests/translator/output/error_globals_unsupported_property.json
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
{
"errors": [
{
"errorMessage": "'Globals' section is invalid. 'SomeKey' is not a supported property of 'Function'. Must be one of the following values - ['Handler', 'Runtime', 'CodeUri', 'DeadLetterQueue', 'Description', 'MemorySize', 'Timeout', 'VpcConfig', 'Environment', 'Tags', 'Tracing', 'KmsKeyArn', 'AutoPublishAlias', 'Layers', 'DeploymentPreference', 'PermissionsBoundary', 'ReservedConcurrentExecutions', 'ProvisionedConcurrencyConfig', 'EventInvokeConfig']"
"errorMessage": "'Globals' section is invalid. 'SomeKey' is not a supported property of 'Function'. Must be one of the following values - ['Handler', 'Runtime', 'CodeUri', 'DeadLetterQueue', 'Description', 'MemorySize', 'Timeout', 'VpcConfig', 'Environment', 'Tags', 'Tracing', 'KmsKeyArn', 'AutoPublishAlias', 'Layers', 'DeploymentPreference', 'PermissionsBoundary', 'ReservedConcurrentExecutions', 'ProvisionedConcurrencyConfig', 'EventInvokeConfig', 'FileSystemConfigs']"
}
],
"errorMessage": "Invalid Serverless Application Specification document. Number of errors found: 1. 'Globals' section is invalid. 'SomeKey' is not a supported property of 'Function'. Must be one of the following values - ['Handler', 'Runtime', 'CodeUri', 'DeadLetterQueue', 'Description', 'MemorySize', 'Timeout', 'VpcConfig', 'Environment', 'Tags', 'Tracing', 'KmsKeyArn', 'AutoPublishAlias', 'Layers', 'DeploymentPreference', 'PermissionsBoundary', 'ReservedConcurrentExecutions', 'ProvisionedConcurrencyConfig', 'AssumeRolePolicyDocument', 'EventInvokeConfig']"
"errorMessage": "Invalid Serverless Application Specification document. Number of errors found: 1. 'Globals' section is invalid. 'SomeKey' is not a supported property of 'Function'. Must be one of the following values - ['Handler', 'Runtime', 'CodeUri', 'DeadLetterQueue', 'Description', 'MemorySize', 'Timeout', 'VpcConfig', 'Environment', 'Tags', 'Tracing', 'KmsKeyArn', 'AutoPublishAlias', 'Layers', 'DeploymentPreference', 'PermissionsBoundary', 'ReservedConcurrentExecutions', 'ProvisionedConcurrencyConfig', 'AssumeRolePolicyDocument', 'EventInvokeConfig', 'FileSystemConfigs']"
}

0 comments on commit 85501ac

Please sign in to comment.