export function addIAMRolesToCFNStack(out: DeploymentResources, e2eConfig: E2Econfiguration) {
const { AUTH_ROLE_NAME, UNAUTH_ROLE_NAME, IDENTITY_POOL_NAME, USER_POOL_CLIENTWEB_NAME, USER_POOL_CLIENT_NAME, USER_POOL_ID } = e2eConfig;
// logic to add IAM roles to cfn
const authRole = new cfnIAM.Role({
RoleName: AUTH_ROLE_NAME,
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Sid: '',
Effect: 'Allow',
Principal: {
Federated: 'cognito-identity.amazonaws.com',
},
Action: 'sts:AssumeRoleWithWebIdentity',
Condition: {
'ForAnyValue:StringLike': {
'cognito-identity.amazonaws.com:amr': 'authenticated',
},
},
(acc, k) => ({
...acc,
[k]: customStackParams[k],
}),
{}
);
transformStacks[userStack] = userDefinedStack;
// Split on non alphabetic characters to make a valid resource id.
const stackResourceId = userStack.split(/[^A-Za-z]/).join('');
const customNestedStack = new CloudFormation.Stack({
Parameters: parametersForStack,
TemplateURL: Fn.Join('/', [
'https://s3.amazonaws.com',
Fn.Ref(ResourceConstants.PARAMETERS.S3DeploymentBucket),
Fn.Ref(ResourceConstants.PARAMETERS.S3DeploymentRootKey),
'stacks',
userStack,
]),
}).dependsOn(allResourceIds);
rootStack.Resources[stackResourceId] = customNestedStack;
}
// Update the Root Stack Params since we have added the Child Stack Params if they are missing.
rootStack.Parameters = updatedParameters;
return {
...transformOutput,
resolvers: transformResolvers,
stacks: transformStacks,
};
}
{
Effect: 'Allow',
Action: ['appsync:GraphQL'],
Resource: newPolicyResources,
},
],
},
});
for (const resource of resources) {
// We always have 2 parts, no need to check
const resourceParts = resource.split('/');
if (resourceParts[1] !== 'null') {
policyResources.push(
Fn.Sub('arn:aws:appsync:${AWS::Region}:${AWS::AccountId}:apis/${apiId}/types/${typeName}/fields/${fieldName}', {
apiId: {
'Fn::GetAtt': ['GraphQLAPI', 'ApiId'],
},
typeName: resourceParts[0],
fieldName: resourceParts[1],
})
);
resourceSize += RESOURCE_OVERHEAD + resourceParts[0].length + resourceParts[1].length;
} else {
policyResources.push(
Fn.Sub('arn:aws:appsync:${AWS::Region}:${AWS::AccountId}:apis/${apiId}/types/${typeName}/*', {
apiId: {
'Fn::GetAtt': ['GraphQLAPI', 'ApiId'],
},
typeName: resourceParts[0],
}
// Providing a parameter value when the parameters is not explicitly defined
// in the template causes CloudFormation to throw an error. This will only
// provide the value to the nested stack if the user has specified it.
const parametersForStack = Object.keys(userDefinedStack.Parameters).reduce(
(acc, k) => ({
...acc,
[k]: customStackParams[k],
}),
{}
);
transformStacks[userStack] = userDefinedStack;
// Split on non alphabetic characters to make a valid resource id.
const stackResourceId = userStack.split(/[^A-Za-z]/).join('');
const customNestedStack = new CloudFormation.Stack({
Parameters: parametersForStack,
TemplateURL: Fn.Join('/', [
'https://s3.amazonaws.com',
Fn.Ref(ResourceConstants.PARAMETERS.S3DeploymentBucket),
Fn.Ref(ResourceConstants.PARAMETERS.S3DeploymentRootKey),
'stacks',
userStack,
]),
}).dependsOn(allResourceIds);
rootStack.Resources[stackResourceId] = customNestedStack;
}
// Update the Root Stack Params since we have added the Child Stack Params if they are missing.
rootStack.Parameters = updatedParameters;
return {
...transformOutput,
role = (name: string, region: string): any => {
return new IAM.Role({
RoleName: Fn.If(
ResourceConstants.CONDITIONS.HasEnvironmentParameter,
Fn.Join('-', [
FunctionResourceIDs.FunctionIAMRoleName(name, true), // max of 64. 64-10-26-28 = 0
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'), // 26
Fn.Ref(ResourceConstants.PARAMETERS.Env), // 10
]),
Fn.Join('-', [
FunctionResourceIDs.FunctionIAMRoleName(name, false), // max of 64. 64-26-38 = 0
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'), // 26
])
),
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Effect: 'Allow',
Principal: {
Service: 'appsync.amazonaws.com',
},
Action: 'sts:AssumeRole',
},
export function syncLambdaIAMRole({ name, region }: { name: string; region?: string }) {
return new IAM.Role({
RoleName: Fn.If(
ResourceConstants.CONDITIONS.HasEnvironmentParameter,
Fn.Join('-', [
name.slice(0, 26), // max of 64. 64-10-26-28 = 0
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'), // 26
Fn.Ref(ResourceConstants.PARAMETERS.Env), // 10
]),
Fn.Join('-', [
// tslint:disable-next-line: no-magic-numbers
name.slice(0, 37), // max of 64. 64-26-38 = 0
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'), // 26
])
),
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Effect: 'Allow',
Principal: {
Service: 'appsync.amazonaws.com',
},
Action: 'sts:AssumeRole',
...acc,
[name]: Fn.Ref(name),
}),
defaultParameterValues
);
// Also forward the API id of the top level API.
// allParamValues[ResourceConstants.RESOURCES.GraphQLAPILogicalID] = Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId')
for (const stackName of stackFileNames) {
const dependsOnStacks = stackInfo.stackDependencyMap[stackName] || [];
const extraParams = stackInfo.stackParameterMap[stackName] || {};
let stackResource = new CloudFormation.Stack({
Parameters: {
...allParamValues,
...extraParams,
},
TemplateURL: Fn.Join('/', [
'https://s3.amazonaws.com',
Fn.Ref(opts.deployment.deploymentBucketParameterName),
Fn.Ref(opts.deployment.deploymentKeyParameterName),
'stacks',
stackName + '.json',
]),
}).dependsOn([...defaultDependencies, ...dependsOnStacks]);
root.Resources[stackName] = stackResource;
}
return root;
}
export function syncLambdaIAMRole({ name, region }: { name: string; region?: string }) {
return new IAM.Role({
RoleName: Fn.If(
ResourceConstants.CONDITIONS.HasEnvironmentParameter,
Fn.Join('-', [
name.slice(0, 26), // max of 64. 64-10-26-28 = 0
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'), // 26
Fn.Ref(ResourceConstants.PARAMETERS.Env), // 10
]),
Fn.Join('-', [
// tslint:disable-next-line: no-magic-numbers
name.slice(0, 37), // max of 64. 64-26-38 = 0
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'), // 26
])
),
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Effect: 'Allow',
Principal: {
Service: 'appsync.amazonaws.com',
},
Action: 'sts:AssumeRole',
},
],
/**
 * Builds the AppSync API key resource for the GraphQL API.
 *
 * `Expires` is taken from the `APIKeyExpirationEpoch` template parameter
 * when the `APIKeyExpirationEpochIsPositive` condition holds; otherwise it
 * falls back to an epoch one week after the moment this method runs, i.e.
 * when the template is generated, not when the stack is deployed. The
 * resource is gated on the `ShouldCreateAPIKey` condition.
 *
 * @returns The `AppSync.ApiKey` resource with its creation condition attached.
 */
public makeAppSyncApiKey() {
  // 7 days expressed in seconds: days * hours * minutes * seconds.
  const secondsPerWeek = 7 * 24 * 60 * 60;
  // Current time as whole epoch seconds (CloudFormation expects seconds, not ms).
  const currentEpochSeconds = Math.floor(Date.now() / 1000);
  const fallbackExpiryEpoch = currentEpochSeconds + secondsPerWeek;

  const apiId = Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId');
  const expires = Fn.If(
    ResourceConstants.CONDITIONS.APIKeyExpirationEpochIsPositive,
    Fn.Ref(ResourceConstants.PARAMETERS.APIKeyExpirationEpoch),
    fallbackExpiryEpoch
  );

  const apiKey = new AppSync.ApiKey({
    ApiId: apiId,
    Expires: expires,
  });
  return apiKey.condition(ResourceConstants.CONDITIONS.ShouldCreateAPIKey);
}
role = (name: string, region: string): any => {
return new IAM.Role({
RoleName: Fn.If(
ResourceConstants.CONDITIONS.HasEnvironmentParameter,
Fn.Join('-', [
FunctionResourceIDs.FunctionIAMRoleName(name, true), // max of 64. 64-10-26-28 = 0
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'), // 26
Fn.Ref(ResourceConstants.PARAMETERS.Env), // 10
]),
Fn.Join('-', [
FunctionResourceIDs.FunctionIAMRoleName(name, false), // max of 64. 64-26-38 = 0
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'), // 26
])
),
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Effect: 'Allow',