lambda-sleep-delay.yaml
---

Sleep Delay Lambda Function CloudFormation Deployment

This CloudFormation template will deploy the SleepDelay Lambda function to an account.

Due to the 'eventually consistent' nature of AWS, there is a high probability that any IAM Role created in the same CloudFormation stack as the Lambda function which will be assigned to it will fail. The only way I've come up with so far to counter this is to deploy this "SleepDelay" function first. The function literally just sleeps for 10 seconds, then returns 'complete'. This function can now be referenced as a custom resource insie of CloudFormation templates, and use the "DependsOn" option for manually defining dependencies. Have the Custom Resource that calls this function DependsOn the Role resource, then have the Lambda function resource DependsOn the SleepDelay resouce.

Hackish, but works.

AWSTemplateFormatVersion: '2010-09-09' Description: 'UITS Account Foundation: Lambda Base Stack'

Parameters

These are the input parameters for this template. All of these parameters must be supplied for this template to be deployed.

Parameters:

ARN of the Lambda CloudWatch Logging Role

SleepDelayRoleARN: Description: Full ARN of the 'log only' lambda role. Default: arn:aws:iam::998687558142:role/fischerm-fdn-lambda-iam-LambdaLogOnlyRole-1NOHFRFG8AAVF Type: String

Resources

Resources:

Sleep Delay Lambda Function

Create a very basic Lambda function that just sleeps for 30 seconds and then returns SUCCESS.

LambdaFunction: Type: AWS::Lambda::Function Properties: Handler: index.handler Description: SleepDelay Function Role: !Ref SleepDelayRoleARN Runtime: python2.7 Timeout: '60' Code: ZipFile: !Sub | import time import cfnresponse def handler(event, context): time.sleep(30) responseData = {} responseData['Data'] = "Slept for 30 Seconds" cfnresponse.send(event, context, cfnresponse.SUCCESS, responseData, "arn:aws:uits.arizona.edu:fischerm:sleep")

CloudWatch Logs Group

Create a CloudWatch Log Group for this Lambda function to log to. This allows us to set the retention timeframe.

LambdaLogGroup: Type: "AWS::Logs::LogGroup" DependsOn: - LambdaFunction Properties: LogGroupName: !Sub "/aws/lambda/${LambdaFunction}" RetentionInDays: 7

Outputs

Outputs: FunctionName: Value: !Ref LambdaFunction Export: Name: "foundation-SleepDelayFunction-name" FunctionArn: Value: !GetAtt LambdaFunction.Arn Export: Name: "foundation-SleepDelayFunction-arn"