Release/v1.29.0

docs/cloudformation_compatibility.rst

@@ -108,6 +108,16 @@ StartingPosition         All
 BatchSize                All
 ======================== ================================== ========================
 
+MQ
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+======================== ================================== ========================
+     Property Name        Intrinsic(s) Supported            Reasons
+======================== ================================== ========================
+Broker                          All
+Queues                          All
+SourceAccessConfigurations      All
+======================== ================================== ========================
+
 MSK
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 ======================== ================================== ========================

docs/internals/generated_resources.rst

@@ -326,6 +326,36 @@ AWS::Lambda::Permission            MyFunction\ **MyTrigger**\ Permission
 AWS::Lambda::EventSourceMapping    MyFunction\ **MyTrigger** 
 ================================== ================================
 
+MQ
+^^^^^^^
+
+Example:
+
+.. code:: yaml
+
+  MyFunction:
+    Type: AWS::Serverless::Function
+    Properties:
+      ...
+      Events:
+        MyTrigger:
+          Type: MQ
+          Properties:
+            Broker: arn:aws:mq:us-east-2:123456789012:broker:MyBroker:b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9
+            SourceAccessConfigurations:
+              Type: BASIC_AUTH
+              URI: arn:aws:secretsmanager:us-west-2:123456789012:secret:my-path/my-secret-name-1a2b3c
+      ...
+
+Additional generated resources:
+
+================================== ================================
+CloudFormation Resource Type       Logical ID
+================================== ================================
+AWS::Lambda::Permission            MyFunction\ **MyTrigger**\ Permission
+AWS::Lambda::EventSourceMapping    MyFunction\ **MyTrigger**
+================================== ================================
+
 MSK
 ^^^^^^^
 

samtranslator/__init__.py

@@ -1 +1 @@
-__version__ = "1.27.0"
+__version__ = "1.29.0"

samtranslator/model/eventsources/pull.py

@@ -10,7 +10,7 @@
 class PullEventSource(ResourceMacro):
     """Base class for pull event sources for SAM Functions.
 
-    The pull events are Kinesis Streams, DynamoDB Streams, Kafka Streams and SQS Queues. All of these correspond to an
+    The pull events are Kinesis Streams, DynamoDB Streams, Kafka Topics, ActiveMQ Queues and SQS Queues. All of these correspond to an
     EventSourceMapping in Lambda, and require that the execution role be given to Kinesis Streams, DynamoDB
     Streams, or SQS Queues, respectively.
 
@@ -31,6 +31,9 @@ class PullEventSource(ResourceMacro):
         "DestinationConfig": PropertyType(False, is_type(dict)),
         "ParallelizationFactor": PropertyType(False, is_type(int)),
         "Topics": PropertyType(False, is_type(list)),
+        "Broker": PropertyType(False, is_str()),
+        "Queues": PropertyType(False, is_type(list)),
+        "SourceAccessConfigurations": PropertyType(False, is_type(list)),
     }
 
     def get_policy_arn(self):
@@ -60,16 +63,17 @@ def to_cloudformation(self, **kwargs):
         except NotImplementedError:
             function_name_or_arn = function.get_runtime_attr("arn")
 
-        if not self.Stream and not self.Queue:
+        if not self.Stream and not self.Queue and not self.Broker:
             raise InvalidEventException(
-                self.relative_id, "No Queue (for SQS) or Stream (for Kinesis, DynamoDB or MSK) provided."
+                self.relative_id,
+                "No Queue (for SQS) or Stream (for Kinesis, DynamoDB or MSK) or Broker (for ActiveMQ) provided.",
             )
 
         if self.Stream and not self.StartingPosition:
             raise InvalidEventException(self.relative_id, "StartingPosition is required for Kinesis, DynamoDB and MSK.")
 
         lambda_eventsourcemapping.FunctionName = function_name_or_arn
-        lambda_eventsourcemapping.EventSourceArn = self.Stream or self.Queue
+        lambda_eventsourcemapping.EventSourceArn = self.Stream or self.Queue or self.Broker
         lambda_eventsourcemapping.StartingPosition = self.StartingPosition
         lambda_eventsourcemapping.BatchSize = self.BatchSize
         lambda_eventsourcemapping.Enabled = self.Enabled
@@ -79,6 +83,8 @@ def to_cloudformation(self, **kwargs):
         lambda_eventsourcemapping.MaximumRecordAgeInSeconds = self.MaximumRecordAgeInSeconds
         lambda_eventsourcemapping.ParallelizationFactor = self.ParallelizationFactor
         lambda_eventsourcemapping.Topics = self.Topics
+        lambda_eventsourcemapping.Queues = self.Queues
+        lambda_eventsourcemapping.SourceAccessConfigurations = self.SourceAccessConfigurations
 
         destination_config_policy = None
         if self.DestinationConfig:
@@ -170,3 +176,12 @@ class MSK(PullEventSource):
 
     def get_policy_arn(self):
         return ArnGenerator.generate_aws_managed_policy_arn("service-role/AWSLambdaMSKExecutionRole")
+
+
+class MQ(PullEventSource):
+    """MQ event source."""
+
+    resource_type = "MQ"
+
+    def get_policy_arn(self):
+        return ArnGenerator.generate_aws_managed_policy_arn("service-role/AWSLambdaAMQExecutionRole")

samtranslator/model/lambda_.py

@@ -70,6 +70,8 @@ class LambdaEventSourceMapping(Resource):
         "ParallelizationFactor": PropertyType(False, is_type(int)),
         "StartingPosition": PropertyType(False, is_str()),
         "Topics": PropertyType(False, is_type(list)),
+        "Queues": PropertyType(False, is_type(list)),
+        "SourceAccessConfigurations": PropertyType(False, is_type(list)),
     }
 
     runtime_attrs = {"name": lambda self: ref(self.logical_id)}

samtranslator/validator/sam_schema/schema.json

@@ -477,6 +477,9 @@
             {
               "$ref": "#/definitions/AWS::Serverless::Function.MSKEvent"
             },
+            {
+              "$ref": "#/definitions/AWS::Serverless::Function.MQEvent"
+            },
             {
               "$ref": "#/definitions/AWS::Serverless::Function.SQSEvent"
             },
@@ -609,6 +612,26 @@
       ],
       "type": "object"
     },
+    "AWS::Serverless::Function.MQEvent": {
+      "additionalProperties": false,
+      "properties": {
+        "Broker": {
+          "type": "string"
+        },
+        "Queues": {
+          "type": "array"
+        },
+        "SourceAccessConfigurations": {
+          "type": "array"
+        }
+      },
+      "required": [
+        "Broker",
+        "Queues",
+        "SourceAccessConfigurations"
+      ],
+      "type": "object"
+    },
 
     "AWS::Serverless::Function.SQSEvent": {
       "additionalProperties": false,

tests/translator/input/amq.yaml

@@ -0,0 +1,17 @@
+Resources:
+  MQFunction:
+    Type: 'AWS::Serverless::Function'
+    Properties:
+      CodeUri: s3://sam-demo-bucket/queues.zip
+      Handler: queue.mq_handler
+      Runtime: python2.7
+      Events:
+        MyMQQueue:
+          Type: MQ
+          Properties:
+            Broker: arn:aws:mq:us-east-2:123456789012:broker:MyBroker:b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9
+            Queues:
+              - "Queue1"
+            SourceAccessConfigurations:
+              - Type: BASIC_AUTH
+                URI: arn:aws:secretsmanager:us-west-2:123456789012:secret:my-path/my-secret-name-1a2b3c

tests/translator/input/error_missing_broker.yaml

@@ -0,0 +1,16 @@
+Resources:
+  MQFunction:
+    Type: 'AWS::Serverless::Function'
+    Properties:
+      CodeUri: s3://sam-demo-bucket/queues.zip
+      Handler: queue.mq_handler
+      Runtime: python2.7
+      Events:
+        MyMQQueue:
+          Type: MQ
+          Properties:
+            Queues:
+              - "Queue1"
+            SourceAccessConfigurations:
+              - Type: BASIC_AUTH
+                URI: arn:aws:secretsmanager:us-west-2:123456789012:secret:my-path/my-secret-name-1a2b3c

tests/translator/output/amq.json

@@ -0,0 +1,70 @@
+{
+  "Resources": {
+    "MQFunction": {
+      "Type": "AWS::Lambda::Function",
+      "Properties": {
+        "Code": {
+          "S3Bucket": "sam-demo-bucket",
+          "S3Key": "queues.zip"
+        },
+        "Handler": "queue.mq_handler",
+        "Role": {
+          "Fn::GetAtt": [
+            "MQFunctionRole",
+            "Arn"
+          ]
+        },
+        "Runtime": "python2.7",
+        "Tags": [{
+          "Value": "SAM",
+          "Key": "lambda:createdBy"
+        }]
+      }
+    },
+    "MQFunctionMyMQQueue": {
+      "Type": "AWS::Lambda::EventSourceMapping",
+      "Properties": {
+        "EventSourceArn": "arn:aws:mq:us-east-2:123456789012:broker:MyBroker:b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9",
+        "FunctionName": {
+          "Ref": "MQFunction"
+        },
+        "Queues": ["Queue1"],
+        "SourceAccessConfigurations": [
+          {
+            "Type": "BASIC_AUTH",
+            "URI": "arn:aws:secretsmanager:us-west-2:123456789012:secret:my-path/my-secret-name-1a2b3c"
+          }
+        ]
+      }
+    },
+    "MQFunctionRole": {
+      "Type": "AWS::IAM::Role",
+      "Properties": {
+        "ManagedPolicyArns": [
+          "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
+          "arn:aws:iam::aws:policy/service-role/AWSLambdaAMQExecutionRole"
+        ],
+        "Tags": [
+          {
+            "Value": "SAM",
+            "Key": "lambda:createdBy"
+          }
+        ],
+        "AssumeRolePolicyDocument": {
+          "Version": "2012-10-17",
+          "Statement": [{
+            "Action": [
+              "sts:AssumeRole"
+            ],
+            "Effect": "Allow",
+            "Principal": {
+              "Service": [
+                "lambda.amazonaws.com"
+              ]
+            }
+          }]
+        }
+      }
+    }
+  }
+}

tests/translator/output/aws-cn/amq.json

@@ -0,0 +1,70 @@
+{
+  "Resources": {
+    "MQFunction": {
+      "Type": "AWS::Lambda::Function",
+      "Properties": {
+        "Code": {
+          "S3Bucket": "sam-demo-bucket",
+          "S3Key": "queues.zip"
+        },
+        "Handler": "queue.mq_handler",
+        "Role": {
+          "Fn::GetAtt": [
+            "MQFunctionRole",
+            "Arn"
+          ]
+        },
+        "Runtime": "python2.7",
+        "Tags": [{
+          "Value": "SAM",
+          "Key": "lambda:createdBy"
+        }]
+      }
+    },
+    "MQFunctionMyMQQueue": {
+      "Type": "AWS::Lambda::EventSourceMapping",
+      "Properties": {
+        "EventSourceArn": "arn:aws:mq:us-east-2:123456789012:broker:MyBroker:b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9",
+        "FunctionName": {
+          "Ref": "MQFunction"
+        },
+        "Queues": ["Queue1"],
+        "SourceAccessConfigurations": [
+          {
+            "Type": "BASIC_AUTH",
+            "URI": "arn:aws:secretsmanager:us-west-2:123456789012:secret:my-path/my-secret-name-1a2b3c"
+          }
+        ]
+      }
+    },
+    "MQFunctionRole": {
+      "Type": "AWS::IAM::Role",
+      "Properties": {
+        "ManagedPolicyArns": [
+          "arn:aws-cn:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
+          "arn:aws-cn:iam::aws:policy/service-role/AWSLambdaAMQExecutionRole"
+        ],
+        "Tags": [
+          {
+            "Value": "SAM",
+            "Key": "lambda:createdBy"
+          }
+        ],
+        "AssumeRolePolicyDocument": {
+          "Version": "2012-10-17",
+          "Statement": [{
+            "Action": [
+              "sts:AssumeRole"
+            ],
+            "Effect": "Allow",
+            "Principal": {
+              "Service": [
+                "lambda.amazonaws.com"
+              ]
+            }
+          }]
+        }
+      }
+    }
+  }
+}