Added SQS queue to Lambda function template.

The build folder is now created in the AIM_HOME folder as build/ rather than the current working directory.

src/aim/cftemplates/lambda_function.py

@@ -21,11 +21,13 @@ def __init__(self, aim_ctx, account_ctx, aws_region, aws_name, lambda_config, la
         self.set_parameter('Handler', lambda_config.handler)
         self.set_parameter('Runtime', lambda_config.runtime)
         self.set_parameter('RoleArn', lambda_config.iam_role.get_arn())
+        self.set_parameter('RoleName', lambda_config.iam_role.resolve_ref_obj.role_name)
         self.set_parameter('MemorySize', lambda_config.memory_size)
         self.set_parameter('ReservedConcurrentExecutions', lambda_config.reserved_concurrent_executions)
         self.set_parameter('Timeout', lambda_config.timeout)
         self.set_parameter('CodeS3Bucket', lambda_config.code.s3_bucket + ".name")
         self.set_parameter('CodeS3Key', lambda_config.code.s3_key)
+        self.set_parameter('EnableSDBCache', lambda_config.sdb_cache)
 
         # Define the Template
         template_fmt = """
@@ -49,6 +51,10 @@ def __init__(self, aim_ctx, account_ctx, aws_region, aws_name, lambda_config, la
     Description: "The execution role for the Lambda Function."
     Type: String
 
+  RoleName:
+    Description: "The execution role name for the Lambda Function."
+    Type: String
+
   MemorySize:
     Description: "The amount of memory that your function has access to. Increasing the function's memory also increases its CPU allocation. The default value is 128 MB. The value must be a multiple of 64 MB."
     Type: Number
@@ -70,14 +76,75 @@ def __init__(self, aim_ctx, account_ctx, aws_region, aws_name, lambda_config, la
     Description: "The Amazon S3 key of the deployment package."
     Type: String
 
+  EnableSDBCache:
+    Description: "Boolean indicating whether an SDB Domain will be created to be used as a cache."
+    Type: String
+
 {0[parameters]:s}
 
 Conditions:
   ReservedConcurrentExecutionsIsEnabled: !Not [!Equals [!Ref ReservedConcurrentExecutions, 0]]
+  SDBCacheIsEnabled: !Equals [!Ref EnableSDBCache, 'true']
 
 Resources:
+
+# Dependency Tree
+#
+# InvokePolicy
+# FunctionSQSQueue
+#
+# FunctionSQSMapping
+#   - FunctionSQSQueue
+#   - Function
+#     - LambdaSDBCacheDomain
+#     - SQSExecutionPolicy
+#        - FunctionSQSQueue
+#     - SSMExecutionPolicy
+#        - InvokePolicyParam
+#          - InvokePolicy
+#
+# FunctionSQSQueue
+#
+# FunctionSQSMapping
+#   - Function
+#   - FunctionSQSQueue
+#
+# InvokePolicyParam
+#   - InvokePolicy
+#
+# SSMExecutionPolicy
+#   - InvokePolicyParam
+
+  LambdaSDBCacheDomain:
+    Type: AWS::SDB::Domain
+    Condition: SDBCacheIsEnabled
+    Properties:
+      Description: "Lambda Function Domain"
+
+  LambdaSDBCacheDomainPolicy:
+      Type: AWS::IAM::Policy
+      Condition: SDBCacheIsEnabled
+      DependsOn:
+        - LambdaSDBCacheDomain
+      Properties:
+        PolicyName: 'SDBDomain'
+        PolicyDocument:
+          Version: 2012-10-17
+          Statement:
+            - Effect: Allow
+              Action:
+                - sdb:*
+              Resource: !Sub
+                - arn:aws:sdb:${{AWS::Region}}:${{AWS::AccountId}}:domain/${{DomainName}}
+                - {{ DomainName: !Ref LambdaSDBCacheDomain}}
+        Roles:
+          - !Ref RoleName
+
   Function:
     Type: AWS::Lambda::Function
+    DependsOn:
+      - SQSExecutionPolicy
+      - LambdaSDBCacheDomain
     Properties:
       # Important: If you specify a name, you cannot perform updates that require
       # replacement of this resource. You can perform updates that require no or
@@ -98,6 +165,85 @@ def __init__(self, aim_ctx, account_ctx, aws_region, aws_name, lambda_config, la
           - !Ref AWS::NoValue
       Timeout: !Ref Timeout{0[environment]:s}
 
+  InvokePolicy:
+    Type: AWS::IAM::ManagedPolicy
+    Properties:
+      PolicyDocument:
+        Version: 2012-10-17
+        Statement:
+          - Effect: Allow
+            Action: lambda:InvokeFunction
+            Resource: !GetAtt Function.Arn
+
+  FunctionSQSQueue:
+    Type: AWS::SQS::Queue
+    Properties:
+      # Not specifying a name allows CloudFormation to recreate this
+      # resource if needed.
+      QueueName: !Sub '${{AWS::StackName}}'
+      #FifoQueue: True
+      VisibilityTimeout: !Ref Timeout
+
+  FunctionSQSMapping:
+    Type: AWS::Lambda::EventSourceMapping
+    DependsOn:
+      - Function
+      - FunctionSQSQueue
+    Properties:
+      EventSourceArn: !GetAtt FunctionSQSQueue.Arn
+      FunctionName: !GetAtt Function.Arn
+      BatchSize: 1
+
+  InvokePolicyParam:
+    Type: "AWS::SSM::Parameter"
+    DependsOn:
+      - InvokePolicy
+    Properties:
+      Name: !Sub '${{AWS::StackName}}-InvokePolicy'
+      Type: String
+      Value: !Ref InvokePolicy
+      Tier: Standard
+      Description: "Stores a Lambda functions InvokePolicy Arn"
+
+  SSMExecutionPolicy:
+      Type: AWS::IAM::Policy
+      DependsOn:
+        - InvokePolicyParam
+      Properties:
+        PolicyName: 'SSMPolicy'
+        PolicyDocument:
+          Version: 2012-10-17
+          Statement:
+            - Sid: SSMParameter
+              Effect: Allow
+              Action:
+                - ssm:GetParameter
+                - ssm:GetParameters
+              Resource: !Sub
+                - arn:aws:ssm:${{AWS::Region}}:${{AWS::AccountId}}:parameter/${{ParamName}}
+                - {{ ParamName: !Ref InvokePolicyParam }}
+        Roles:
+          - !Ref RoleName
+
+  SQSExecutionPolicy:
+      Type: AWS::IAM::Policy
+      DependsOn:
+        - FunctionSQSQueue
+      Properties:
+        PolicyName: 'SQSPolicy'
+        PolicyDocument:
+          Version: 2012-10-17
+          Statement:
+            - Sid: SQSQueue
+              Effect: Allow
+              Action:
+                - sqs:ReceiveMessage
+                - sqs:DeleteMessage
+                - sqs:GetQueueAttributes
+              Resource: !GetAtt FunctionSQSQueue.Arn
+        Roles:
+          - !Ref RoleName
+
   #Permission:
   #  Type: AWS::Lambda::Permission
   #  Properties:
@@ -111,9 +257,13 @@ def __init__(self, aim_ctx, account_ctx, aws_region, aws_name, lambda_config, la
 
     FunctionArn:
       Value: !GetAtt Function.Arn
+
+    InvokePolicyArn:
+      Value: !Ref InvokePolicy
 """
         self.register_stack_output_config(lambda_config_ref+'.name', 'FunctionName')
         self.register_stack_output_config(lambda_config_ref+'.arn', 'FunctionArn')
+        self.register_stack_output_config(lambda_config_ref+'.invoke_policy.arn', 'InvokePolicyArn')
 
         template_table = {
             'parameters': "",
@@ -127,6 +277,8 @@ def __init__(self, aim_ctx, account_ctx, aws_region, aws_name, lambda_config, la
         Variables:"""
         var_fmt = """
           {0[key]:s}: !Ref EnvVar{0[param_key]:s}
+"""
+        var_raw_fmt = """          {0[key]:s}: {0[value]:s}
 """
         var_param_fmt = """
   EnvVar{0[param_key]:s}:
@@ -138,21 +290,30 @@ def __init__(self, aim_ctx, account_ctx, aws_region, aws_name, lambda_config, la
           'key': '',
           'value': ''
         }
-
         parameters_yaml = ""
         env_yaml = ""
         env_config = lambda_config.environment
-        if env_config != None:
-            if env_config.variables != None:
-                if len(env_config.variables) > 0:
-                    env_yaml += vars_header
+        variables_exist = False
+        if env_config != None and env_config.variables != None:
+            variables_exist = True
+        if lambda_config.sdb_cache == True:
+            variables_exist = True
+
+
+        if variables_exist:
+            env_yaml += vars_header
+            if env_config != None and env_config.variables != None:
                 for env in env_config.variables:
                     var_table['param_key'] = env.key.replace('_','')
                     var_table['key'] = env.key
                     var_table['value'] = env.value
                     parameters_yaml += var_param_fmt.format(var_table)
                     env_yaml += var_fmt.format(var_table)
-                    self.set_parameter('EnvVar%s' % (var_table['param_key']), env.value)
+                    self.set_parameter('EnvVar%s' % (var_table['param_key']), var_table['value'])
+            if lambda_config.sdb_cache == True:
+                var_table['key'] = 'SDB_CACHE_DOMAIN'
+                var_table['value'] = '!Ref LambdaSDBCacheDomain'
+                env_yaml += var_raw_fmt.format(var_table)
 
         if env_yaml != "":
           template_table['environment'] = env_header + env_yaml

src/aim/commands/helpers.py

@@ -45,6 +45,7 @@ def handle_exceptions(func):
     """
     @wraps(func)
     def decorated(*args, **kwargs):
+        #return func(*args, **kwargs)
         try:
             return func(*args, **kwargs)
         except (InvalidAimReference, UnusedAimProjectField, InvalidAimProjectFile, AimException, StackException, BotoCoreError,

src/aim/config/aim_context.py

@@ -137,7 +137,7 @@ def init_project(self):
         # Config Processor Init
         self.config_processor = ConfigProcessor(self)
         self.project = load_project_from_yaml(self.aim_ref, self.project_folder, None) #self.config_processor.load_yaml)
-        self.build_folder = os.path.join(os.getcwd(), "build", self.project.name)
+        self.build_folder = os.path.join(self.home, "build", self.project.name)
         self.master_account = AccountContext(aim_ctx=self,
                                              name='master',
                                              mfa_account=None)

src/aim/controllers/ctl_iam.py

@@ -20,6 +20,7 @@ def __init__(self, aim_ctx, account_ctx, region, group_id, role_id, role_ref, ro
         self.region = region
 
         self.group_id = group_id
+        self.role_name = None
         self.role_id = role_id
         self.role_ref = role_ref
         self.role_config = role_config