AWSTemplateFormatVersion: 2010-09-09
Description: template.automation.yml
Resources:
Document:
Type: AWS::SSM::Document
Properties:
Name: "${Document name}"
DocumentType: Automation
Attachments:
- Key: "S3FileUrl"
Name: "${ZIP file name}"
Values:
- !Sub "s3://${S3 bucket name}/${ZIP file name}"
Content:
schemaVersion: "0.3"
assumeRole: "${Delegation roll ARN}"
mainSteps:
- action: aws:executeScript
name: RunSetupScript
inputs:
Runtime: "${Runtime name}"
Handler: "${Python file name}.${Function name}"
InputPayload:
"${Payload}"
files:
${ZIP file name}:
checksums:
sha256: "${The hash value of the zip file}"
resource "null_resource" "install_requirements" {
triggers = {
always_run = "${timestamp()}"
}
provisioner "local-exec" {
command = "pip install -r ${path.root}/src/requirements.txt -t ${path.root}/src/modules"
}
}
data "archive_file" "file" {
depends_on = [ null_resource.install_requirements ]
type = "zip"
source_dir = "${path.root}/src/modules"
output_path = "${path.root}/src/modules.zip"
}
resource "aws_s3_object" "object" {
bucket = "${S3 bucket name}"
key = "modules.zip"
source = data.archive_file.file.output_path
}
resource "aws_ssm_document" "document" {
depends_on = [ aws_s3_object.object ]
name = "${ドキュメント名}"
document_type = "Automation"
document_format = "JSON"
attachments_source {
key = "S3FileUrl"
name = "modules.zip"
values = [
"https://"${S3 bucket name}".s3.amazonaws.com/modules.zip"
]
}
content = jsonencode({
assumeRole = "${Delegation Roll ARN}"
schemaVersion = "0.3"
mainSteps = [
{
action = "aws:executeScript"
name = "RunSetupScript"
inputs = {
Runtime = "${Runtime name}"
Handler = "${関数名}"
Script = "${file("${path.root}/src/runbook.py")}"
Attachment = "modules.zip"
}
}
]
files = {
"modules.zip" = {
checksums = {
sha256 = filesha256(data.archive_file.file.output_path)
}
}
}
})
}
{
"_AWS_XRAY_DAEMON_ADDRESS": "169.254.79.129",
"_AWS_XRAY_DAEMON_PORT": "2000",
"_HANDLER": "FalconPythonWrapper.lambda_handler",
"_X_AMZN_TRACE_ID": "Root=x-xxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx;Parent=xxxxxxxxxxxxxxxx;Sampled=1;Lineage=xxxxxxxx:x|xxxxxxxx:x|xxxxxxxx:x",
"AWS_ACCESS_KEY_ID": "xxxxxxxxxx",
"AWS_DEFAULT_REGION": "us-east-2",
"AWS_EXECUTION_ENV": "AWS_Lambda_python3.8",
"AWS_LAMBDA_FUNCTION_MEMORY_SIZE": "512",
"AWS_LAMBDA_FUNCTION_NAME": "Falcon-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"AWS_LAMBDA_FUNCTION_VERSION": "$LATEST",
"AWS_LAMBDA_INITIALIZATION_TYPE": "on-demand",
"AWS_LAMBDA_LOG_GROUP_NAME": "/aws/lambda/Falcon-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"AWS_LAMBDA_LOG_STREAM_NAME": "2023/12/14/[$LATEST]xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"AWS_LAMBDA_RUNTIME_API": "127.0.0.1:9001",
"AWS_REGION": "us-east-2",
"AWS_SECRET_ACCESS_KEY": "xxxxxxxxxx",
"AWS_SECURITY_TOKEN": "xxxxxxxxxx",
"AWS_SESSION_TOKEN": "xxxxxxxxxx",
"AWS_XRAY_CONTEXT_MISSING": "LOG_ERROR",
"AWS_XRAY_DAEMON_ADDRESS": "169.254.79.129:2000",
"LAMBDA_RUNTIME_DIR": "/var/runtime",
"LAMBDA_TASK_ROOT": "/var/task",
"LANG": "en_US.UTF-8",
"LD_LIBRARY_PATH": "/var/lang/lib:/lib64:/usr/lib64:/var/runtime:/var/runtime/lib:/var/task:/var/task/lib:/opt/lib",
"PATH": "/var/lang/bin:/usr/local/bin:/usr/bin/:/bin:/opt/bin",
"PWD": "/var/task",
"PYTHONPATH": "/var/runtime:/tmp/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx-2023-12-14-10-36-37",
"SHLVL": "0",
"TZ": ":UTC"
}