From ff71e8f9166277378be31fefad25edab9819524e Mon Sep 17 00:00:00 2001 From: edd Date: Fri, 4 Aug 2023 11:57:59 +0100 Subject: [PATCH] Support capabilities during stack updates ADD: Support for capabilities in update() that is consistent with create() REMOVE: Unused 'cfn_capabilities' variable in create() --- .../packages/CfnStackAssumeRole/lambda.zip | Bin 4555 -> 4565 bytes .../CfnStackAssumeRole/lambda_function.py | 13 +++++++------ 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/samples/cloudformation-cross-account/functions/packages/CfnStackAssumeRole/lambda.zip b/samples/cloudformation-cross-account/functions/packages/CfnStackAssumeRole/lambda.zip index b2c571730298bf9d1b779de7e90f6e1fe17c7af0..afc51ce4751a8ca8667a364c5a7b510400155926 100644 GIT binary patch delta 4509 zcmV;O5n}GkBh@1pP)h>@6aWAK2mpg#1XnH3$T1rc008Ha7anL;*vw>A*vw>gcnbgl z1n2_*00ig*006yPZExGi5&o`UvBxwZiBoh=(kl)EbbwD*TBDBR+RpWZDiAcevU#RR zl}jdZ1ONBV%)W4!q$KC1H3GyWXJ=+-XP%vzU1ytZS=H>OtjpJtn;L(5(NuY!-MnV( z89Po>p0b+}9hNZ#-| zx#QKC2-??|T$K3-{r-fnc?I7t`MTobF21ojh*8*4KyV?lve3e>n(qq>Df;%$})c&7x68xg0O3gQL-)~QO7kGFyu4o?5*Q0=czYk zOK*O;IKEy)Z;nsT7AM}Ad6)0b&VD+MtAf3N^dvUh7Uf|1< z1^#BJNTBuOy}vj?fxE&N%-whXamWE;lkFiMVY{TUPF)U(wWX}V|DirKrh2Nd= z9r#+#E3rIUp;m85T+NMnC(av?A4*LtUN==?rYYxmoW@(EZ26DbXWyvmPg{4TSEs4J zdJGjF2ws1r8VLXwYW@j+0qontuES}=XoU45jq7;Kws#LAOX57LQ~*R-N{&RbVRMEZ zSHp+WTaAak$_XEO`~LDwg^Dsy%5R$6z?;80HzOGkO_|4jba;gw_BUnv0Q}P|se`cp zY3X0lgdo^w-AT$N61TY0SDdpH96rPJpnzSsY|?*!#*hUtusFM_VTPM2^FbM9vI)Yf zp!X5FfE~rs9Bl}9G`ghEq!CCbDu`PC6nYRCNbceCX!`2spI4xfKbcHOHRPuC7+SEM z5-t?6MmO{qkT%3asf#!}FvaU%yuNdsbz z9d*MHUry3yvlW5!Nky$2>>3OhQcV9b2+}3yS6=Me;f&mc{I3A^>x_amv1mu5W?mbZ$8~7LRul=!uOk=I%O#MHmiOqIS z$+AdRtV=*YL>;*gV5K0TAM$w#SK!YncL8ytut0_g)edZ-O9&PV#;09LltBa@Z32@? z$YenPgL%@_u){DlLowMlHBv~4Xgsd$M0SZY0g*I%#@;kVLgMPXxK@0i;`pNxkj{T_ z*j72q&yVornQhGyh5}NQ;A!n!YvrXHFl;_+$=zTUTvO0f~E2j5Z$AQkIp$!gA*>k}#4+D{ubb39ZI9j}v_L&_)resTFxB8}_km@|5M-J;wpK zEQ;R^U@yMvC?C{!9N1v(!IBt#ju+r%tP!&8eN#-Qf93TtMo@JVqqu?pNW0o<~bC9vwZ9AF^9NwgFHnB}?DJQJcp z735+oR`G3&XiaiUu#Vbuhc;uF5awJ%;JWyIaeggh*8*jlN2qgP>6PSFI#7h(bSzhE zG2}qpJSk_i7@G)pVZ|oVs|A1Qdb6eQtI#bHO3f5*NS!fZH*KQHHBtt~m7zKSEihe% zj}eZGpy=PgLS#_H{`B(b=xB0u6uvl`{5)K}lLRSl%;M@+%$CDwwUU#mCjidE!q454H;np_L6K=1t zH!n9^B=vBW9WH~b{S5qPQ+~iLQti$nx#MY*QzcBx?9e~aiSVaF#ylGIlx~~H%6*jn zknPCc*Sg8`hjt@3TL^zf|GMx(ht)7JUA>>rWt%R^d0aGGlZLrzaJav|opn*lEk=4% zp~8V-e@Nmzl;i;TU^m@l98;C3XXb2>W_Akq<^*&|(zb?4FWMdiN~)_EcPeBD$eV9Ac{7OGliKhH-(Cr{si6I`^`PP#J>$yD8 zZJh(6XehC zB#(u#PGT-9fF^$^p#qsqD(-I=*MEC=g58>!C|^`S>dQz$3q%nm4pAU@z8+yfe6x3pb|o-scfsFJPyxfBY6}X<_2_^D2 zuE3sP3tgp1;q)5YKFgIsuzL0`c0&z>RvJAd$|Y>Swv zU;Q5E4fm#BByhRKe!FEnDNu)Xnno?u25l3*k^ZX`6;$B)|7f!0{tBxJN-W;S5MM8_ z-D|JaFX}Xeayb<{la3rSd)=}@f1c?QN%t(sty?$4_Br1Gx6^b63bh}OiF)Qsk<-)S zLwSGCHD}9DFF?N}+s66KCkukrH}QYUBK{~Q;Pn>e71{N;f{joaqVKYxf->T^fszjB z0^_BoQzzwUD;Po}i01uNyIT6G40-WsTgjlA`2ZO_c*QnZfnBfA?-*|8FV2sDgWLc< z48)&OdFfpOTbQ`FvL*+bL2QTs7e+1$vjcwvp@ZN>`6W&fJY8(_tPZ@X7cO7Rh>4S= zY>Ha83w9F!S#8j0c@(yb_9viyse1A~Gi#NN5pZ5J!?QKcwIrM^9jtXB8h`v#Jk0W6 z`u&Z{2YcZ+-0;AcrpgbW3;d^@8GiSnKn|p_#+EI{%-A&?V18P_e1LtgcjAyfnx}u2 zT3v;rGNIMx=)|>aw+`)q>0qR5{Z`-86l@6Q85BPRF%UnxpXxwGf5`Vh3r8ze%2Fuq zwTMmV#_X^;94P`DMT4b;B}zLrHZ%;3*q>WF5YaBcc9=;9b{GsBOGR;Kt#&JnB?;*8 z29h0f$|yzduEje}HK3$-nw9vAWulZqzmBvh^vLByEclfhC@DI0%)S_@NR zqmfl!=?P#VW%RcUd~g^S zwG7lGFqLF{z$j88Q`|fJeCZXJ!cuKO0ud`2wF8)By2Vc!e@c=G~W-a-6FR&Lc zxp}?QUJnoQC5fGWynJnxhH+R1DB;)?H4_KK6iJoc(8Y%2UIe5NA*P&0s7|v{=c85M zY-EaIqp48qbYvvkNS>|Yl^=gz1WJ@OYxlc+7iuSSS^U@;@+*7!>K7|t*Q+6aSx({W z3ulC~HqKJ#FKUoxEvFrC5E#Fl+t*4Y|D0DbKE@>~oJ@6y=gHP1O+Y*dx|5R*Ydo6~iShdG_@0F;54Te{)h zX$(+Z=pU#HI{?wP3ozaX)J1JfHbg)h|5TiLL#KlHB3czbX9>`teg z>UOZJ`B~pUl_x0s!T*1~I#qo#__yJ16*hzOI}rFuH}Ll?=phK$>kCOA489SChkZj^ z<-6`<-+u@Ce}b-a9H`upQPvNvr-Rx5c4>Fl;9s)Oe3Q}Sf;|ygjs5!AI&ket zISvg{1I*QE@SuP8kA;@LtnYm5=ucOP>TElYn*vHbeTzrkPt1h8Q8p;Uj&u8qy4-A> zclIOGsA0O54IacbG!kG8y{V& zMA=ZsQ80g~T~TfJfE;uqrrF}(Ji<;Nx(4~mb>6wwUv9U~VasmI5n;!0a%~~t_?t{Q|*}hR=&ZWog$+>g5J@eW#viZ6oc(j(rY;!oqJ+^OgLn<%X$=`>1 zoWl*ggG>~fNpiY@jWoX&4pUOW<(|>;j`Pnm9n7t|U=I_q0k5A7Rm(l6@ z>9zM5(hzx<3;!&G)*(^t1K1Wr5Ci!JyUoj+IHzmp6|RbVjn>>@HLd%RDMFm1mtNOW ze)X*L2(gP)eg)FO+fh|zZqDllGG)$HrEUP*I>KB1_o7m};VbK%O!sXJF?H9u^*)B8 zObCCx-@jh7to8-_SXOkKJE`t?4$%UytXuI8$7lL}HG01KlfsW#t^3NjDnzHOk8@LX zZUz?Fan-r+16HS3JJG>w`uc{xzMM}NwPNc=b2$1hP)h*<9s?8r000O8gI)wzEzig? v8xa5i=RN=c5&#$g000000RR91w1EHs005JV5f=hg*ps9YAqHm=00000-W{eg delta 4478 zcmV-^5rOX2Bg-QfP)h>@6aWAK2mpgz1Xm2mW#$nP004`T7anGn)XZd+)XZdccnbgl z1n2_*00ig*007M!Yj4}g@w``|7~NsjLdR4`z1IXg2uJMUd(n{8Ru?53>Cw~?J1e;R12JkM_4GWLQU zrzua_%>!G!*KdClWieV;<%S3*WyL2+#Zz9?S)2=|pn?&D&#@5AhF_LBpBs>OyiV?T zH70;|_>zk<|D?xH_?lPn?vk%7F7DzR8-o~y9R>s!A}b3`{7OD{fcTe$Z)+GgOwRKR zFfOX9tVW~JU0rY4e@w4_a#5D~`?!d2c@>0RS&Wi(5s5mkxqvBOiDz#eXE{&3DO-B; z%f<2aB6@dxdbT+6#>~6?aCY{~@%-=6>3MW<`QfjZi>oVVd;oO*;r+$g;(CFDCky;$ zpopOL@jhOhAi-T^y02Sm-8Y(OG(TG$pMSh?F&(69cwR|Ze=jSdZB^dFE(%*R9sbnv zhPmF$fy2gL<~2v6NsD20J1+}9 zChcpV!zrWmAYWd$QFlY9Ok0tKumXv8hpatO(af#tKJtPLkq zM`U^w)OHV&e`QN<<#1uv^JF&643`fxe29^j;z|o|cy-pw{LgV!fJgJ~83T;iO!yrA zfSmCHTnLe1;E`@hk<|~3;KZmy>6U{NsH;Hv)OPLQClk%J9Ht^=}&dp2)KvU+i?;TuW2mMW%J^=nSOX?u(zgqfN zv>-6{S$C0gi^MJN^cCkU1%=NrJt!dRmQDK4e;Bd=1`=miHLP$mWj-*YL^eUUDrh`H z6|k*Xila5*4o8>tnm7XL1O-;hp8^jA1BpFc9!=l;_~QyV@+XrCv4+?*A440qlfs1p z*4_>E1*i?-Q0$_g9hhYt?zfUs`Z4tOuz+^p+_h6Xv?RHAc`-vn@RniO+HD4h=71*c ze_r{(OTCqjDN@XGN4|sX?s0g0DPvqFvI2CzNO;h(YqXnir(jP2#Ovfu`Qas;1sS{txccWU~12X@`sYRsFE#;PiZd+<%wz z;5 ziggLz5510z16V0Y*AMx;bXTCyDR&*>MEL?~B2+uDg)SjjEEu15DNzOycoYOClaR@R z04DRKsUgBJwL&r3HZ?*>iYPp;uaEHLnXqONLjoyM@HBTb#U#n%Z!*ZUwUP;~4$CkV{d+W_Duwzi zLijOjwrTs2@|>Fo9cQy5t0TE%e>%=O3Unp~ZT!%by%emYRnAL~z3de$f%cp6XAvoF zplILsa-q`X7g!8u1qWxt%A4PKLc6ie;{=BuS}Q^}H6ssY!#e`ZVOSD{)Yl$t5OA$i7x-L#1&*9aLHRfg&SxWIH7UPd@C zf}(!|8<9Z~`@`#_qoc{uQTXa;^5byzP81}$F^j8PFQh(;qY+D6P|qn9gESdl^KEscMS6ygW;-`DWz&vK`s` zS~q$A&<1i7LeToxe}xx1sD>TW)yMfX_%V^hx_Z>S=URs#Yk@{R5&o~ z4@rLyB{?{JkehBYj;Tu2D{}&*S)KBGb8>VD(zb?)FA5I=Db-bskqXg)XV3|c3ZNQ| z8%9;^DwMy4pk}Z?C6$zUkt#=d*!5O2MFW-qO@tzuU000-f95#DLmFdbKE%?S!Cg=( z;yanyfl`30 zXQFN2qbe?2hXMSfW#fNP*-b|068KbsH}F%VZ9^!;{`jW3F zks1d)>RXE;FXNPEJ0&r(y#KT(=y)TG&V>F)*7?)84=k5v#`T`cbw;?(K%E~=^~q5` zPeHIKt_mu3`>)eR`lBiAAtp<2|8jKHhf-vyQ$mPTe~uZlS3hggQ{`2P5)#!dm*wBZ z14g|09Z&8-q@-*{(0k6DR^LRfBbfpcsxZ0VKq4V$CANvz=E_DsD#jID%-3mjl(n9NFK!oxv~NU?faA8V8a7> zY&%Kr$}9o3B-lwTk}QkpTp)=dq<9&vIov*!IA=&eET+iwlF#U-g`nf5bY8fnV_FUp)i-cmCi_*%p1G9{M%T z8}3cNiQsaJ{dP-ulAt#0G>uwU8?;UMM(VF(R8WEE|D(y0`zx#_D6x1SgMGcicCWox zKdI9Y%H@>pOgePT>UGNo^?9aCB;B(hwQki6+vj`(*iO?KFx0*{Cg_)Gwvt9O^TB2C;0@bk1$MnczazMrzc@es1#$y;F<^g+ z<)wECXkp>r%32(72DTvr+!(nj%r*>ke;wprlwRTzLDR)H&+5RNdg1b|w3s+a%BHAg zyI?2qpH+ZH$s@5{us;CoYt@tQiCMF3gn;Xs8Jw+ft|j1X>G)dLMdQam#ltNBwcig^ zKFAB-VZZ}jnkqefDezA#Gko`@ldH{W|cjACPnx~c8e_iE8 zWkRdP(Xne+ZXMVG(ZNht`YpewDaa7SGe~~O#en_jeyZat`cwW0Z{cvIN?9_+y%Mnj zU7H;iheJhRqiC>{ut;g8#)gJ*Blhc74g|EzVLQkq0^1CRg{7>xvsb$r#*zehcn8Uj zIc1b2ch}+_r5fPVtzn_mh;`jGe~$}!h)G40brLFfiCn~()RVzhP$?UKf?5kxV#ASD zUg-s3A!Yct1blE6dn9k~)3>clpGn9ywRpzXcb28kT;750u{Hb;-5a^#zjt?N%-RNO z5}3+6P?yN4S0Rhe9w)li_Dpq3N&T>fd!9%CWrL8#*a4BP4b}+RAyJi3e@ZEzq@p!NBq(EZxdS}rdUNev&c5?LktzjDGVUePUW6Rbo z9Q?URs_cfYT_pD+Acn}Ff6HZr>Z~1kJ{k}kiDFo2$`N$>MG|c!Pk!-25-$Qp%38Ji zUXF!Yaag-BQ(x~OKck1!HtH(W=_qEqW z)|)V>uT~aq?Vu{jiT^evxBJ*G%u4b2W}CyTkC$h&y;^Dk`c`Vwf0k1-X%trJYwm?*r^2HzwC4%^yCLG=)v)5{>dN)NWka zK}WynUF7lh-b31*f9yH6_h8TUtG*vA&v*8RrjP2(_sOBDHFvA*8eHH1TM$bQ1hH@T z#=|f>7dX#Zyg*qDQf1LBsr6HoU%Mtt`7A@23 z{T40HWdC;-jdr{I)7kO$;_7fvPvP@{?fXR zi^cKZXPQouMkR@~w7zjY-IV{gTf4hX{#I}MY@x{wdt!!b zbSE`^sd;CWN%(X<{6wLss{_7!Xz71w>TOet0}H^Dh0=g5&8(FR*4w&esbSG`uTbaB zi1g9cBAto8K7;igL+ROi_qfy?n@F`4y!w`iC1!-iOVpc!T>RMx{xum&X%c0k&==C$6PG@{@(o!Qg)SiBI zsLWG3lC>qeN2(w4^ht?Y2lf8hT`?>AW{b6*)2H&>18x7DFHd`3Aeq%bPf-tKk*yihI@7+%q-p^^qw=oa2#R?@qq;tTO|#3sk-Z z(7_u_Rb_6s>n1N{&Q+yu>DoNPsQyi-sxw-NE=m-+@NWS3mpvoYlJbi@QQ_O8U4q)tAdaB0H`l_jSPP zcWNa%c$Hq?qSqJb=`vMp-8v3O{{>J>0RkQa6aWAK2mpgz1Xm2mW#$nP004`VfDtSL QmDH225g`U$5dZ)H0P^m=SpWb4 diff --git a/samples/cloudformation-cross-account/functions/source/CfnStackAssumeRole/lambda_function.py b/samples/cloudformation-cross-account/functions/source/CfnStackAssumeRole/lambda_function.py index 21773e2..ca94b9d 100644 --- a/samples/cloudformation-cross-account/functions/source/CfnStackAssumeRole/lambda_function.py +++ b/samples/cloudformation-cross-account/functions/source/CfnStackAssumeRole/lambda_function.py @@ -305,9 +305,6 @@ def create(event, context): Create a cfn stack using an assumed role """ - cfn_capabilities = [] - if 'capabilities' in event['ResourceProperties'].keys(): - cfn_capabilities = event['ResourceProperties']['Capabilities'] cfn_client = boto3.client("cloudformation") params = get_cfn_parameters(event) prefix = event['ResourceProperties']['ParentStackId'].split("/")[1] @@ -347,17 +344,21 @@ def update(event, context): Update a cfn stack using an assumed role """ stack_id = event["PhysicalResourceId"] - cfn_capabilities = [] + capabilities = [] if 'capabilities' in event['ResourceProperties'].keys(): - cfn_capabilities = event['ResourceProperties']['capabilities'] + capabilities = event['ResourceProperties']['capabilities'] cfn_client = get_client("cloudformation", event, context) physical_resource_id = stack_id + prefix = event['ResourceProperties']['ParentStackId'].split("/")[1] + parent_properties = cfn_client.describe_stacks(StackName=prefix)['Stacks'][0] + if 'Capabilities' in parent_properties.keys(): + capabilities = parent_properties['Capabilities'] try: cfn_client.update_stack( StackName=stack_id, TemplateURL=event['ResourceProperties']['TemplateURL'], Parameters=get_cfn_parameters(event), - Capabilities=cfn_capabilities, + Capabilities=capabilities, Tags=[{ 'Key': 'ParentStackId', 'Value': event['ResourceProperties']['ParentStackId']