How it works...
In this recipe, we used the following CloudFormation template components: Resource, AWSTemplateFormatVersion, and Description. Resources are the AWS resources used in the template. AWSTemplateFormatVersion is the version of CloudFormation template the template conforms to.
We used two resources: a role (IAMRoleLambdaExecution) and a Lambda function (LambdaFunctionWithCF) that depends on that role. Resource names can be anything. Type specifies the type of the resource. We used two types, namely AWS::IAM::Role and AWS::Lambda::Function.
The properties of the AWS::IAM::Role resource type that we used are as follows:
- AssumeRolePolicyDocument specifies the trust relationship policy for the role
- Policies specify the policies inline
The properties of the AWS::Lambda::Function resource type that we used are as follows:
- Code property specifies the S3 bucket and the key. You can also specify a reference to an S3 Bucket resource type so that a new bucket is created dynamically and its name is used here.
- FunctionName specifies the name of the Lambda function.
- Handler specifies the fully qualified name of the handler class with the handler method.
- MemorySize specifies the memory in MB. The number of CPU cores is decided by AWS based on the memory.
- Role specifies the role.
- Runtime specifies the runtime (for instance, java8).
- TimeOut specifies the timeout.
To get the role Arn, we used the GetAtt function passing the logical name of the Role and the property name Arn:
Fn::GetAtt is an intrinsic function that returns the value of an attribute from a resource in the template.
We used CloudFormation designer in the recipe to see our template in design view, and then uploaded the template into a stack from the designer. You can also use the Designer to design CloudFormation templates from scratch.