1. Advisor
  2. @aws-cdk/aws-cloudformation
  3. functions
  4. @aws-cdk/aws-cloudformation.CustomResourceProvider
View all @aws-cdk/aws-cloudformation analysis

How to use the @aws-cdk/aws-cloudformation.CustomResourceProvider function in @aws-cdk/aws-cloudformation

To help you get started, we’ve selected a few @aws-cdk/aws-cloudformation examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github aws / aws-cdk / packages / @aws-cdk / aws-eks / lib / k8s-resource.ts View on Github external
constructor(scope: Construct, id: string, props: KubernetesResourceProps) {
    super(scope, id);

    const stack = Stack.of(this);

    // we maintain a single manifest custom resource handler for each cluster
    const handler = props.cluster._k8sResourceHandler;
    if (!handler) {
      throw new Error(`Cannot define a KubernetesManifest resource on a cluster with kubectl disabled`);
    }

    new cfn.CustomResource(this, 'Resource', {
      provider: cfn.CustomResourceProvider.lambda(handler),
      resourceType: KubernetesResource.RESOURCE_TYPE,
      properties: {
        // `toJsonString` enables embedding CDK tokens in the manifest and will
        // render a CloudFormation-compatible JSON string (similar to
        // StepFunctions, CloudWatch Dashboards etc).
        Manifest: stack.toJsonString(props.manifest),
      }
    });
  }
}
github aws / aws-cdk / packages / @aws-cdk / aws-eks / lib / cluster-resource.ts View on Github external
// since we don't know the cluster name at this point, we must give this role star resource permissions
    handler.addToRolePolicy(new iam.PolicyStatement({
      actions: [ 'eks:CreateCluster', 'eks:DescribeCluster', 'eks:DeleteCluster', 'eks:UpdateClusterVersion' ],
      resources: [ '*' ]
    }));

    // the CreateCluster API will allow the cluster to assume this role, so we
    // need to allow the lambda execution role to pass it.
    handler.addToRolePolicy(new iam.PolicyStatement({
      actions: [ 'iam:PassRole' ],
      resources: [ props.roleArn ]
    }));

    const resource = new cfn.CustomResource(this, 'Resource', {
      resourceType: ClusterResource.RESOURCE_TYPE,
      provider: cfn.CustomResourceProvider.lambda(handler),
      properties: {
        Config: props
      }
    });

    this.ref = resource.ref;
    this.attrEndpoint = Token.asString(resource.getAtt('Endpoint'));
    this.attrArn = Token.asString(resource.getAtt('Arn'));
    this.attrCertificateAuthorityData = Token.asString(resource.getAtt('CertificateAuthorityData'));
    this.creationRole = handler.role!;
  }
}
github aws / aws-cdk / packages / @aws-cdk / aws-s3-deployment / lib / bucket-deployment.ts View on Github external
});

    const sources: SourceConfig[] = props.sources.map((source: ISource) => source.bind(this));
    sources.forEach(source => source.bucket.grantRead(handler));

    props.destinationBucket.grantReadWrite(handler);
    if (props.distribution) {
      handler.addToRolePolicy(new iam.PolicyStatement({
        effect: iam.Effect.ALLOW,
        actions: ['cloudfront:GetInvalidation', 'cloudfront:CreateInvalidation'],
        resources: ['*'],
      }));
    }

    new cloudformation.CustomResource(this, 'CustomResource', {
      provider: cloudformation.CustomResourceProvider.lambda(handler),
      resourceType: 'Custom::CDKBucketDeployment',
      properties: {
        SourceBucketNames: sources.map(source => source.bucket.bucketName),
        SourceObjectKeys: sources.map(source => source.zipObjectKey),
        DestinationBucketName: props.destinationBucket.bucketName,
        DestinationBucketKeyPrefix: props.destinationKeyPrefix,
        RetainOnDelete: props.retainOnDelete,
        UserMetadata: props.metadata ? mapUserMetadata(props.metadata) : undefined,
        SystemMetadata: mapSystemMetadata(props),
        DistributionId: props.distribution ? props.distribution.distributionId : undefined,
        DistributionPaths: props.distributionPaths
      }
    });
  }
github aws / aws-cdk / packages / @aws-cdk / aws-certificatemanager / lib / dns-validated-certificate.ts View on Github external
});
        requestorFunction.addToRolePolicy(new iam.PolicyStatement({
            actions: ['acm:RequestCertificate', 'acm:DescribeCertificate', 'acm:DeleteCertificate'],
            resources: ['*'],
        }));
        requestorFunction.addToRolePolicy(new iam.PolicyStatement({
            actions: ['route53:GetChange'],
            resources: ['*'],
        }));
        requestorFunction.addToRolePolicy(new iam.PolicyStatement({
            actions: ['route53:changeResourceRecordSets'],
            resources: [`arn:aws:route53:::hostedzone/${this.hostedZoneId}`],
        }));

        const certificate = new cfn.CustomResource(this, 'CertificateRequestorResource', {
            provider: cfn.CustomResourceProvider.lambda(requestorFunction),
            properties: {
                DomainName: props.domainName,
                SubjectAlternativeNames: cdk.Lazy.listValue({ produce: () => props.subjectAlternativeNames }, { omitEmpty: true }),
                HostedZoneId: this.hostedZoneId,
                Region: props.region,
            }
        });

        this.certificateArn = certificate.getAtt('Arn').toString();
    }

@aws-cdk/aws-cloudformation

The CDK Construct Library for AWS::CloudFormation

GitHub
Apache-2.0
Latest version published 11 months ago

Package Health Score

70 / 100
Full package analysis

Popular @aws-cdk/aws-cloudformation functions

Similar packages