(fix) pass the condition attribute to the generated function url resources for the conditional functions

Author: moelasmar

samtranslator/model/sam_resources.py

@@ -879,7 +879,8 @@ def _construct_function_url(self, lambda_function, lambda_alias):
         self._validate_function_url_params(lambda_function)
 
         logical_id = f"{lambda_function.logical_id}Url"
-        lambda_url = LambdaUrl(logical_id=logical_id)
+        lambda_url_attributes = self.get_passthrough_resource_attributes()
+        lambda_url = LambdaUrl(logical_id=logical_id, attributes=lambda_url_attributes)
 
         cors = self.FunctionUrlConfig.get("Cors")
         if cors:
@@ -963,7 +964,8 @@ def _construct_url_permission(self, lambda_function):
             return None
 
         logical_id = f"{lambda_function.logical_id}UrlPublicPermissions"
-        lambda_permission = LambdaPermission(logical_id=logical_id)
+        lambda_permission_attributes = self.get_passthrough_resource_attributes()
+        lambda_permission = LambdaPermission(logical_id=logical_id, attributes=lambda_permission_attributes)
         lambda_permission.Action = "lambda:InvokeFunctionUrl"
         lambda_permission.FunctionName = lambda_function.get_runtime_attr("name")
         lambda_permission.Principal = "*"

tests/translator/input/function_with_function_url_config_conditions.yaml

@@ -0,0 +1,35 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Conditions:
+  MyCondition:
+    Fn::Equals:
+      - true
+      - true
+Parameters: {}
+Resources:
+  MyFunction:
+    Condition: MyCondition
+    Type: AWS::Serverless::Function
+    Properties:
+      CodeUri: s3://sam-demo-bucket/hello.zip
+      Description: Created by SAM
+      Handler: index.handler
+      MemorySize: 1024
+      Runtime: nodejs12.x
+      Timeout: 3
+      FunctionUrlConfig:
+        AuthType: NONE
+        Cors:
+            AllowOrigins: 
+              - "https://example.com"
+              - "example1.com"
+              - "example2.com"
+              - "example2.com"
+            AllowMethods: 
+              - "GET"
+            AllowCredentials: true
+            AllowHeaders: 
+              - "x-Custom-Header"
+            ExposeHeaders: 
+              - "x-amzn-header"
+            MaxAge: 10
+

tests/translator/output/aws-cn/function_with_function_url_config_conditions.json

@@ -0,0 +1,113 @@
+{
+  "AWSTemplateFormatVersion": "2010-09-09",
+  "Conditions": {
+    "MyCondition": {
+      "Fn::Equals": [
+        true,
+        true
+      ]
+    }
+  },
+  "Parameters": {},
+  "Resources": {
+    "MyFunction": {
+      "Type": "AWS::Lambda::Function",
+      "Condition": "MyCondition",
+      "Properties": {
+        "Code": {
+          "S3Bucket": "sam-demo-bucket",
+          "S3Key": "hello.zip"
+        },
+        "Description": "Created by SAM",
+        "Handler": "index.handler",
+        "MemorySize": 1024,
+        "Role": {
+          "Fn::GetAtt": [
+            "MyFunctionRole",
+            "Arn"
+          ]
+        },
+        "Runtime": "nodejs12.x",
+        "Timeout": 3,
+        "Tags": [
+          {
+            "Key": "lambda:createdBy",
+            "Value": "SAM"
+          }
+        ]
+      }
+    },
+    "MyFunctionUrl": {
+      "Type": "AWS::Lambda::Url",
+      "Condition": "MyCondition",
+      "Properties": {
+        "TargetFunctionArn": {
+          "Ref": "MyFunction"
+        },
+        "AuthType": "NONE",
+        "Cors": {
+          "AllowOrigins": [
+            "https://example.com",
+            "example1.com",
+            "example2.com",
+            "example2.com"
+          ],
+          "AllowMethods": [
+            "GET"
+          ],
+          "AllowCredentials": true,
+          "AllowHeaders": [
+            "x-Custom-Header"
+          ],
+          "ExposeHeaders": [
+            "x-amzn-header"
+          ],
+          "MaxAge": 10
+        }
+      }
+    },
+    "MyFunctionUrlPublicPermissions": {
+      "Type": "AWS::Lambda::Permission",
+      "Condition": "MyCondition",
+      "Properties": {
+        "Action": "lambda:InvokeFunctionUrl",
+        "FunctionName": {
+          "Ref": "MyFunction"
+        },
+        "Principal": "*",
+        "FunctionUrlAuthType": "NONE"
+      }
+    },
+    "MyFunctionRole": {
+      "Type": "AWS::IAM::Role",
+      "Condition": "MyCondition",
+      "Properties": {
+        "AssumeRolePolicyDocument": {
+          "Version": "2012-10-17",
+          "Statement": [
+            {
+              "Action": [
+                "sts:AssumeRole"
+              ],
+              "Effect": "Allow",
+              "Principal": {
+                "Service": [
+                  "lambda.amazonaws.com"
+                ]
+              }
+            }
+          ]
+        },
+        "ManagedPolicyArns": [
+          "arn:aws-cn:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+        ],
+        "Tags": [
+          {
+            "Key": "lambda:createdBy",
+            "Value": "SAM"
+          }
+        ]
+      }
+    }
+  }
+}

tests/translator/output/aws-us-gov/function_with_function_url_config_conditions.json

@@ -0,0 +1,113 @@
+{
+  "AWSTemplateFormatVersion": "2010-09-09",
+  "Conditions": {
+    "MyCondition": {
+      "Fn::Equals": [
+        true,
+        true
+      ]
+    }
+  },
+  "Parameters": {},
+  "Resources": {
+    "MyFunction": {
+      "Type": "AWS::Lambda::Function",
+      "Condition": "MyCondition",
+      "Properties": {
+        "Code": {
+          "S3Bucket": "sam-demo-bucket",
+          "S3Key": "hello.zip"
+        },
+        "Description": "Created by SAM",
+        "Handler": "index.handler",
+        "MemorySize": 1024,
+        "Role": {
+          "Fn::GetAtt": [
+            "MyFunctionRole",
+            "Arn"
+          ]
+        },
+        "Runtime": "nodejs12.x",
+        "Timeout": 3,
+        "Tags": [
+          {
+            "Key": "lambda:createdBy",
+            "Value": "SAM"
+          }
+        ]
+      }
+    },
+    "MyFunctionUrl": {
+      "Type": "AWS::Lambda::Url",
+      "Condition": "MyCondition",
+      "Properties": {
+        "TargetFunctionArn": {
+          "Ref": "MyFunction"
+        },
+        "AuthType": "NONE",
+        "Cors": {
+          "AllowOrigins": [
+            "https://example.com",
+            "example1.com",
+            "example2.com",
+            "example2.com"
+          ],
+          "AllowMethods": [
+            "GET"
+          ],
+          "AllowCredentials": true,
+          "AllowHeaders": [
+            "x-Custom-Header"
+          ],
+          "ExposeHeaders": [
+            "x-amzn-header"
+          ],
+          "MaxAge": 10
+        }
+      }
+    },
+    "MyFunctionUrlPublicPermissions": {
+      "Type": "AWS::Lambda::Permission",
+      "Condition": "MyCondition",
+      "Properties": {
+        "Action": "lambda:InvokeFunctionUrl",
+        "FunctionName": {
+          "Ref": "MyFunction"
+        },
+        "Principal": "*",
+        "FunctionUrlAuthType": "NONE"
+      }
+    },
+    "MyFunctionRole": {
+      "Type": "AWS::IAM::Role",
+      "Condition": "MyCondition",
+      "Properties": {
+        "AssumeRolePolicyDocument": {
+          "Version": "2012-10-17",
+          "Statement": [
+            {
+              "Action": [
+                "sts:AssumeRole"
+              ],
+              "Effect": "Allow",
+              "Principal": {
+                "Service": [
+                  "lambda.amazonaws.com"
+                ]
+              }
+            }
+          ]
+        },
+        "ManagedPolicyArns": [
+          "arn:aws-us-gov:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+        ],
+        "Tags": [
+          {
+            "Key": "lambda:createdBy",
+            "Value": "SAM"
+          }
+        ]
+      }
+    }
+  }
+}