Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[0.47.0] Template with Cloudwatch Rule Enable/Disable Parameter does not override the status #1948

Closed
lmayorga1980 opened this issue Apr 28, 2020 · 5 comments
Closed

[0.47.0] Template with Cloudwatch Rule Enable/Disable Parameter does not override the status #1948

lmayorga1980 opened this issue Apr 28, 2020 · 5 comments
Labels
type/question

Comments

@lmayorga1980
Copy link

I am trying to deploy a sam template that has a Cloudwatch Rule that is supposed to be enabled in prod account but disabled in a sandbox account.

AWSTemplateFormatVersion: 2010-09-09
Transform: 'AWS::Serverless-2016-10-31'
Description: |
  MY LAMBDA FUNCTION
Parameters:
  EnableCWRule:
    Description: Enable Cloudwatch Rule.
    Default: 'false'
    Type: String
    AllowedValues:
      - 'true'
      - 'false'
Conditions:
  EnableCloudWatchRule: !Equals
    - !Ref EnableCWRule
    - 'true'

Globals:
  Function:
    Timeout: 60
Resources:
  MYLAMBDAROLE:
    Type: 'AWS::IAM::Role'
    Properties:
      Path: /MY-LAMBDAS/
      RoleName: MYLAMBDAROLE
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - lambda.amazonaws.com
                - events.amazonaws.com
            Action: 'sts:AssumeRole'
      Policies:
        - PolicyName: MYLAMBDAPOLICY
          PolicyDocument:
            Version: 2012-10-17
            Statement:
              - Effect: Allow
                Action:
                  - 'logs:CreateLogGroup'
                  - 'logs:CreateLogStream'
                  - 'logs:PutLogEvents'
                Resource: 'arn:aws:logs:*:*:log-group:/aws/lambda/*:*:*'
              - Effect: Allow
                Action:
                  - 'ec2:ModifyImageAttribute'
                Resource: '*'
  MYFUNCTION:
    Type: 'AWS::Serverless::Function'
    Properties:
      CodeUri: src/
      Handler: myfunction.lambda_handler
      Runtime: python3.7
      Role: !GetAtt MYLAMBDAROLE.Arn
      Events:
        TRIGGERCWRULE:
          Properties:
            Schedule: cron(0 4 * * ? *)
            Enabled: !If EnableCloudWatchRule
          Type: Schedule

Outputs:
  MYFUNCTIONOUTPUT:
    Description: MY FUNCTION
    Value: !GetAtt
      - MYFUNCTION
      - Arn

sam deploy

sam deploy --s3-bucket myfunctions-bucket --stack-name my-function-stack --profile myprofile --region us-east-1 --capabilities CAPABILITY_NAMED_IAM --parameter-overrides EnableCWRule=false

Currently, the Cloudwatch Rule is enabled=true and when I run the sam-cli command, it should switch to enable=false. Instead I am getting the following...

        Deploying with following values
        ===============================
        Stack name                 : My-function-stack
        Region                     : us-east-1
        Confirm changeset          : False
        Deployment s3 bucket       :  myfunctions-bucket
        Capabilities               : ["CAPABILITY_NAMED_IAM"]
        Parameter overrides        : {'EnableCWRule': 'false'}

Initiating deployment
=====================

Waiting for changeset to be created..
No changes to deploy. Stack my-function-stack is up to date

🤔 Is there a workaround to pass boolean parameters to my sam deployment process.

Thanks.
@lmayorga1980 lmayorga1980 changed the title [0.47.0] Template with Cloudwatch Rule Enable/Disable Parameter does not update the status [0.47.0] Template with Cloudwatch Rule Enable/Disable Parameter does not override the status Apr 28, 2020
@lmayorga1980 lmayorga1980 mentioned this issue Apr 28, 2020
Closed
@sriram-mv
Copy link
Contributor

You shouldn't need that condition, you should be able to directly !Ref?

@limitusus
Copy link

Seems same as #2150 and aws/serverless-application-model#1329

@z0ph
Copy link

z0ph commented Nov 24, 2020

You shouldn't need that condition, you should be able to directly !Ref?

Even using only !Ref, the value is empty.

@jewelsjacobs
Copy link

FWIW, I have a bash script function workaround. It will remove the lambda CloudWatch Event rule trigger and disable the rule itself for SAM rules with the default serverlessrepo*. names. It should be easy to add parameters / variables to.

I can't find an AWS CLI way to just disable a CloudWatch Event in the Lambda so I remove it.

https://gist.github.com/jewelsjacobs/2ea1b37dd4db5279d038111e77d9d813

@lmayorga1980
Copy link
Author

FWIW, I have a bash script function workaround. It will remove the lambda CloudWatch Event rule trigger and disable the rule itself for SAM rules with the default serverlessrepo*. names. It should be easy to add parameters / variables to.

I can't find an AWS CLI way to just disable a CloudWatch Event in the Lambda so I remove it.

https://gist.github.com/jewelsjacobs/2ea1b37dd4db5279d038111e77d9d813

Your gist is not available.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type/question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@limitusus @lmayorga1980 @jewelsjacobs @sriram-mv @z0ph