Skip to content

Library usage and Default values #3645

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
Library usage and Default values#3645
@kddejong

Description

@kddejong
kddejong
opened on Aug 30, 2024

When using SAM translator as a library on the following template

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: mvp

Parameters:
  AuthorizerFunctionArn:
    Type: AWS::SSM::Parameter::Value<String>
    Default: authorizer.arn
    Description: Gatekeeper Authorizer Function Arn

Resources:
  RestApi:
    Type: AWS::Serverless::Api
    Properties:
      Name: my-api
      StageName: v1
      EndpointConfiguration:
        Type: REGIONAL
      BinaryMediaTypes:
        - "*~1*"
      Auth:
        Authorizers:
          GatekeeperAuth:
            FunctionArn: !Ref AuthorizerFunctionArn
        DefaultAuthorizer: GatekeeperAuth

will provide a template with

"RestApiGatekeeperAuthAuthorizerPermission": {
      "Properties": {
       "Action": "lambda:InvokeFunction",
       "FunctionName": "authorizer.arn",
       "Principal": "apigateway.amazonaws.com",

This is because this code will read the Default value. Not sure fully how this works server side but the SSM parameter substitution must substitute its value into the Default space? Either way it may be nice to not have this value substituted when using SAM translator as a library if the value is a SSM parameter. Or a feature flag that would prevent using Default values at all as I would prefer the REF to be based to any newly created resources.

aws-cloudformation/cfn-lint#3640

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions