CloudFormation stack set resource handler.

.travis.yml

@@ -96,7 +96,7 @@ after_script: "mvn -e coveralls:report"
 
 before_deploy:
     - "eval \"$(ssh-agent -s)\""
-    - "git config user.name \"Travis CI\""
+    - "git config user.stackSetName \"Travis CI\""
     - "git config user.email \"office@wrzasq.pl\""
     - "openssl aes-256-cbc -md sha256 -k \"${SECRET}\" -in .travis/gpg_key.enc -out .travis/gpg_key -d"
     - "openssl aes-256-cbc -md sha256 -k \"${SECRET}\" -in .travis/id_rsa.enc -out .travis/id_rsa -d"

lambda-cform/lambda-cform-organization/src/site/markdown/guide/usage.md

@@ -11,7 +11,7 @@ This resource handler manager organization state (should be applied only on root
 
 # Required permissions
 
-`cform-organization` Lambda needs following permissions:
+`lambda-cform-organization` Lambda needs following permissions:
 
 -   `iam:CreateOrganization`,
 -   `iam:DeleteOrganization`,

lambda-cform/lambda-cform-passwordpolicy/pom.xml

@@ -19,7 +19,7 @@
     <parent>
         <groupId>pl.wrzasq.lambda</groupId>
         <artifactId>lambda-cform</artifactId>
-        <version>1.0.1-SNAPSHOT</version>
+        <version>1.0.2-SNAPSHOT</version>
         <relativePath>../</relativePath>
     </parent>
 

lambda-cform/lambda-cform-passwordpolicy/src/site/markdown/guide/usage.md

@@ -11,7 +11,7 @@ This resource handler provisions account password policy.
 
 # Required permissions
 
-`cform-passwordpolicy` Lambda needs following permissions:
+`lambda-cform-passwordpolicy` Lambda needs following permissions:
 
 -   `iam:DeleteAccountPasswordPolicy`,
 -   `iam:UpdateAccountPasswordPolicy`.
@@ -69,7 +69,7 @@ Output properties are same as the specified policy. Custom resource ID is set to
             Code:
                 # put your source bucket
                 S3Bucket: "your-bucket"
-                S3Key: "lambda-cform-passwordpolicy-1.0.1-standalone.jar"
+                S3Key: "lambda-cform-passwordpolicy-1.0.2-standalone.jar"
             Handler: "pl.wrzasq.lambda.cform.passwordpolicy.Handler::handle"
             MemorySize: 256
             Description: "AWS password policy manager deployment."

lambda-cform/lambda-cform-passwordpolicy/src/test/java/test/pl/wrzasq/lambda/cform/passwordpolicy/service/PasswordPolicyManagerTest.java

@@ -41,9 +41,9 @@ public void setPolicy()
         Mockito.verify(this.iam).updateAccountPasswordPolicy(input);
 
         Assertions.assertEquals(
-            "PasswordPolicyManager.setPolicy() should always set fixed string as a resource ID.",
             "password-policy",
-            result.getPhysicalResourceId()
+            result.getPhysicalResourceId(),
+            "PasswordPolicyManager.setPolicy() should always set fixed string as a resource ID."
         );
     }
 

lambda-cform/lambda-cform-stackset/pom.xml

@@ -0,0 +1,118 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+# This file is part of the pl.wrzasq.lambda.
+#
+# @license http://mit-license.org/ The MIT license
+# @copyright 2019 © by Rafał Wrzeszcz - Wrzasq.pl.
+-->
+<project
+    xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="
+        http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd
+">
+    <modelVersion>4.0.0</modelVersion>
+
+    <!-- core project settings -->
+    <artifactId>lambda-cform-stackset</artifactId>
+    <packaging>jar</packaging>
+    <parent>
+        <groupId>pl.wrzasq.lambda</groupId>
+        <artifactId>lambda-cform</artifactId>
+        <version>1.0.2-SNAPSHOT</version>
+        <relativePath>../</relativePath>
+    </parent>
+
+    <!-- project meta info -->
+    <name>WrzasqPl CloudFormation StackSet handler</name>
+    <url>https://rafalwrzeszcz-wrzasqpl.github.io/pl.wrzasq.lambda/lambda-cform/lambda-cform-stackset/</url>
+    <description>StackSet resource handler for CloudFormation.</description>
+    <inceptionYear>2019</inceptionYear>
+
+    <!-- plugins configuration -->
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+                <configuration>
+                    <usedDependencies>
+                        <usedDependency>${project.groupId}:lambda-json</usedDependency>
+                        <usedDependency>com.amazonaws:aws-xray-recorder-sdk-aws-sdk</usedDependency>
+                        <usedDependency>com.amazonaws:aws-xray-recorder-sdk-aws-sdk-instrumentor</usedDependency>
+                        <usedDependency>io.symphonia:lambda-logging</usedDependency>
+                        <usedDependency>javax.xml.bind:jaxb-api</usedDependency>
+                    </usedDependencies>
+                </configuration>
+            </plugin>
+
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-shade-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+
+    <!-- project dependencies -->
+    <dependencies>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>lambda-json</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-java-sdk-cloudformation</artifactId>
+            <version>1.11.438</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-lambda-java-core</artifactId>
+            <version>1.2.0</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-xray-recorder-sdk-aws-sdk</artifactId>
+            <version>2.0.1</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-xray-recorder-sdk-aws-sdk-instrumentor</artifactId>
+            <version>2.0.1</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.sunrun</groupId>
+            <artifactId>cfn-response</artifactId>
+            <version>1.1.0</version>
+        </dependency>
+
+        <dependency>
+            <groupId>io.symphonia</groupId>
+            <artifactId>lambda-logging</artifactId>
+            <version>1.0.3</version>
+        </dependency>
+
+        <dependency>
+            <groupId>javax.xml.bind</groupId>
+            <artifactId>jaxb-api</artifactId>
+            <version>2.3.1</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>1.7.25</version>
+        </dependency>
+
+        <dependency>
+            <groupId>pl.wrzasq.commons</groupId>
+            <artifactId>commons-aws</artifactId>
+            <version>1.0.3</version>
+        </dependency>
+    </dependencies>
+</project>

lambda-cform/lambda-cform-stackset/src/main/checkstyle/java.header

@@ -0,0 +1,8 @@
+^/\*$
+^ \* This file is part of the pl\.wrzasq\.lambda\.$
+^ \*$
+^ \* @license http://mit-license\.org/ The MIT license$
+^ \* @copyright \d{4}[0-9, -]* © by Rafał Wrzeszcz - Wrzasq\.pl\.$
+^ \*/$
+
+^package pl\.wrzasq\.lambda\.cform\.stackset(\..+)?;$

lambda-cform/lambda-cform-stackset/src/main/java/pl/wrzasq/lambda/cform/stackset/Handler.java

@@ -0,0 +1,53 @@
+/*
+ * This file is part of the pl.wrzasq.lambda.
+ *
+ * @license http://mit-license.org/ The MIT license
+ * @copyright 2019 © by Rafał Wrzeszcz - Wrzasq.pl.
+ */
+
+package pl.wrzasq.lambda.cform.stackset;
+
+import com.amazonaws.services.cloudformation.AmazonCloudFormation;
+import com.amazonaws.services.cloudformation.AmazonCloudFormationClientBuilder;
+import com.amazonaws.services.lambda.runtime.Context;
+import com.sunrun.cfnresponse.CfnRequest;
+import pl.wrzasq.commons.aws.cloudformation.CustomResourceHandler;
+import pl.wrzasq.lambda.cform.stackset.model.StackSetRequest;
+import pl.wrzasq.lambda.cform.stackset.model.StackSetResponse;
+import pl.wrzasq.lambda.cform.stackset.service.StackSetManager;
+
+/**
+ * CloudFormation request handler.
+ *
+ * <p>Recommended memory: 256MB.</p>
+ */
+public class Handler
+{
+    /**
+     * CloudFormation response handler.
+     */
+    private static CustomResourceHandler<StackSetRequest, StackSetResponse> handler;
+
+    static {
+        AmazonCloudFormation cloudFormation = AmazonCloudFormationClientBuilder.defaultClient();
+
+        StackSetManager deploy = new StackSetManager(cloudFormation);
+
+        Handler.handler = new CustomResourceHandler<>(
+            deploy::deployStackSet,
+            deploy::deployStackSet,
+            deploy::deleteStackSet
+        );
+    }
+
+    /**
+     * Handles invocation.
+     *
+     * @param request CloudFormation request.
+     * @param context AWS Lambda context.
+     */
+    public void handle(CfnRequest<StackSetRequest> request, Context context)
+    {
+        Handler.handler.handle(request, context);
+    }
+}

lambda-cform/lambda-cform-stackset/src/main/java/pl/wrzasq/lambda/cform/stackset/model/StackSetRequest.java

@@ -0,0 +1,61 @@
+/*
+ * This file is part of the pl.wrzasq.lambda.
+ *
+ * @license http://mit-license.org/ The MIT license
+ * @copyright 2019 © by Rafał Wrzeszcz - Wrzasq.pl.
+ */
+
+package pl.wrzasq.lambda.cform.stackset.model;
+
+import java.util.Map;
+import java.util.Set;
+
+import com.amazonaws.services.cloudformation.model.Capability;
+import lombok.Data;
+
+/**
+ * StackSet CloudFormation request.
+ */
+@Data
+public class StackSetRequest
+{
+    /**
+     * Stack set stackSetName.
+     */
+    private String stackSetName;
+
+    /**
+     * Stack set description.
+     */
+    private String description;
+
+    /**
+     * URL of stack instance template.
+     */
+    private String templateUrl;
+
+    /**
+     * Acknowledge stack set capabilities.
+     */
+    private Set<Capability> capabilities;
+
+    /**
+     * ARN of administration (current account) role to be used to execute stack set actions.
+     */
+    private String administrationRoleArn;
+
+    /**
+     * Name of the execution role to be used on target accounts.
+     */
+    private String executionRoleName;
+
+    /**
+     * Key-value of custom parameters.
+     */
+    private Map<String, String> parameters;
+
+    /**
+     * Resource tags.
+     */
+    private Map<String, String> tags;
+}

lambda-cform/lambda-cform-stackset/src/main/java/pl/wrzasq/lambda/cform/stackset/model/StackSetResponse.java

@@ -0,0 +1,27 @@
+/*
+ * This file is part of the pl.wrzasq.lambda.
+ *
+ * @license http://mit-license.org/ The MIT license
+ * @copyright 2019 © by Rafał Wrzeszcz - Wrzasq.pl.
+ */
+
+package pl.wrzasq.lambda.cform.stackset.model;
+
+import lombok.Data;
+
+/**
+ * StackSet CloudFormation result response.
+ */
+@Data
+public class StackSetResponse
+{
+    /**
+     * Stack set ID.
+     */
+    private String id;
+
+    /**
+     * Stack set stackSetName.
+     */
+    private String stackSetName;
+}