Fixed issue 16 (#17)

* Fixed issue 16

* minor change

* minor change

* updated register.sh

* Updated to cloudformation-java-plugin 2.0.5, minor updates to register.sh and CreateHandler.java

* pre-commit check

Author: shantgup

.rpdk-config

@@ -1,4 +1,5 @@
 {
+    "artifact_type": "RESOURCE",
     "typeName": "AWSUtility::CloudFormation::CommandRunner",
     "language": "java",
     "runtime": "java8",
@@ -12,5 +13,6 @@
             "commandrunner"
         ],
         "protocolVersion": "2.0.0"
-    }
+    },
+    "executableEntrypoint": "software.awsutility.cloudformation.commandrunner.HandlerWrapperExecutable"
 }

awsutility-cloudformation-commandrunner.json

@@ -65,9 +65,9 @@
         "cloudformation:DeleteStack",
         "cloudformation:CreateStack",
         "cloudformation:DescribeStacks",
-        "cloudwatch:CreateLogStream",
-        "cloudwatch:DescribeLogGroups",
-        "cloudwatch:PutMetricData",
+        "logs:CreateLogStream",
+        "logs:DescribeLogGroups",
+        "logs:PutMetricData",
         "ssm:GetParameter",
         "ssm:PutParameter",
         "iam:PassRole",
@@ -80,7 +80,7 @@
     "read": {
       "permissions": [
         "ssm:GetParameter",
-        "cloudwatch:PutMetricData"
+        "logs:PutMetricData"
       ]
     },
     "delete": {

pom.xml

@@ -38,7 +38,7 @@
         <dependency>
             <groupId>software.amazon.cloudformation</groupId>
             <artifactId>aws-cloudformation-rpdk-java-plugin</artifactId>
-            <version>2.0.0</version>
+            <version>2.0.5</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/com.amazonaws/aws-java-sdk-s3 -->
         <dependency>

resource-role.yaml

@@ -26,9 +26,6 @@ Resources:
                 - "cloudformation:CreateStack"
                 - "cloudformation:DeleteStack"
                 - "cloudformation:DescribeStacks"
-                - "cloudwatch:CreateLogStream"
-                - "cloudwatch:DescribeLogGroups"
-                - "cloudwatch:PutMetricData"
                 - "ec2:AuthorizeSecurityGroupEgress"
                 - "ec2:AuthorizeSecurityGroupIngress"
                 - "ec2:CreateSecurityGroup"
@@ -46,6 +43,9 @@ Resources:
                 - "iam:SimulatePrincipalPolicy"
                 - "kms:Decrypt"
                 - "kms:Encrypt"
+                - "logs:CreateLogStream"
+                - "logs:DescribeLogGroups"
+                - "logs:PutMetricData"
                 - "ssm:DeleteParameter"
                 - "ssm:GetParameter"
                 - "ssm:PutParameter"

scripts/register.sh

@@ -38,8 +38,12 @@ echo Creating Execution Role...
 role_stack_id=`aws cloudformation create-stack --stack-name awsutility-cloudformation-commandrunner-execution-role-stack --template-body file://resource-role.yaml --capabilities CAPABILITY_IAM --query StackId --output text 2>> registration_logs.log`
 
 if ! [ $? -eq 0 ]; then
-    echo Execution role already exists.
-    echo Creating Execution Role skipped.
+    #Check if any updates can be made if it already exists
+    role_stack_id=`aws cloudformation update-stack --stack-name awsutility-cloudformation-commandrunner-execution-role-stack --template-body file://resource-role.yaml --capabilities CAPABILITY_IAM --query StackId --output text 2>> registration_logs.log`
+    if ! [ $? -eq 0 ]; then
+        echo Execution role already exists, no changes to be made.
+        echo Creating Execution Role skipped.
+    fi
 fi
 
 stack_progress=`aws cloudformation describe-stacks --stack-name awsutility-cloudformation-commandrunner-execution-role-stack --query Stacks[0].StackStatus --output text`

src/main/java/software/awsutility/cloudformation/commandrunner/CreateHandler.java

@@ -177,7 +177,7 @@ public ProgressEvent<ResourceModel, CallbackContext> handleRequest(
                     AmazonEC2 ec2 = AmazonEC2ClientBuilder.standard().build();
                     DescribeVpcsRequest describeVpcsRequest = new DescribeVpcsRequest();
                     describeVpcsRequest.withFilters(new Filter("isDefault").withValues("true"));
-                    DescribeVpcsResult describeVpcsResult = proxy.injectCredentialsAndInvoke(describeVpcsRequest, ec2::describeVpcs);
+                    DescribeVpcsResult describeVpcsResult = proxy.<DescribeVpcsRequest,DescribeVpcsResult>injectCredentialsAndInvoke(describeVpcsRequest, ec2::describeVpcs);
                     String vpcId = describeVpcsResult.getVpcs().get(0).getVpcId();
                     if (vpcId == null || vpcId.isEmpty()) {
                         System.out.println("No default VPC found in this region, please specify a subnet using the NetworkConfiguration property.");
@@ -190,7 +190,7 @@ public ProgressEvent<ResourceModel, CallbackContext> handleRequest(
                     VpcId.setParameterValue(vpcId);
                     DescribeSubnetsRequest describeSubnetsRequest = new DescribeSubnetsRequest();
                     describeSubnetsRequest.withFilters(new Filter("vpc-id").withValues(vpcId));
-                    DescribeSubnetsResult describeSubnetsResult = proxy.injectCredentialsAndInvoke(describeSubnetsRequest, ec2::describeSubnets);
+                    DescribeSubnetsResult describeSubnetsResult = proxy.<DescribeSubnetsRequest,DescribeSubnetsResult>injectCredentialsAndInvoke(describeSubnetsRequest, ec2::describeSubnets);
                     String subnetId = describeSubnetsResult.getSubnets().get(describeSubnetsResult.getSubnets().size()-1).getSubnetId();
                     if (subnetId == null || subnetId.isEmpty()) {
                         System.out.println("Default VPC has no subnets. Please specify a subnet using the NetworkConfiguration property");
@@ -235,7 +235,7 @@ else if ((model.getSubnetId() != null && model.getSecurityGroupId() == null) ||
                     AmazonEC2 ec2 = AmazonEC2ClientBuilder.standard().build();
                     DescribeSubnetsRequest describeSubnetsRequest = new DescribeSubnetsRequest();
                     describeSubnetsRequest.withFilters(new Filter("subnet-id").withValues(model.getSubnetId()));
-                    DescribeSubnetsResult describeSubnetsResult = proxy.injectCredentialsAndInvoke(describeSubnetsRequest, ec2::describeSubnets);
+                    DescribeSubnetsResult describeSubnetsResult = proxy.<DescribeSubnetsRequest,DescribeSubnetsResult>injectCredentialsAndInvoke(describeSubnetsRequest, ec2::describeSubnets);
                     String vpcId = describeSubnetsResult.getSubnets().get(0).getVpcId();
                     VpcId.setParameterValue(vpcId);
                     parameters.add(VpcId);
@@ -305,7 +305,7 @@ else if ((model.getSubnetId() == null && model.getSecurityGroupId() != null) ||
             wait.setStackName(stackName);
             String  stackStatus = "Unknown";
             String  stackReason = "";
-            List<Stack> stacks = proxy.injectCredentialsAndInvoke(wait, stackbuilder::describeStacks).getStacks();
+            List<Stack> stacks = proxy.<DescribeStacksRequest,DescribeStacksResult>injectCredentialsAndInvoke(wait, stackbuilder::describeStacks).getStacks();
             if (
                     stacks.get(0).getStackStatus().equals(StackStatus.CREATE_COMPLETE.toString()) ||
                     stacks.get(0).getStackStatus().equals(StackStatus.CREATE_FAILED.toString()) ||