AWSTemplateFormatVersion: 2010-09-09 Resources: TransformExecutionRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: [lambda.amazonaws.com] Action: ['sts:AssumeRole'] Path: / Policies: - PolicyName: root PolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Action: ['logs:*'] Resource: 'arn:aws:logs:*:*:*' TransformFunction: Type: AWS::Lambda::Function Properties: Code: ZipFile: | import traceback import json def obj_iterate(obj, params): if isinstance(obj, dict): for k in obj: obj[k] = obj_iterate(obj[k], params) elif isinstance(obj, list): for i, v in enumerate(obj): obj[i] = obj_iterate(v, params) elif isinstance(obj, str): if obj.startswith("#!PyPlate"): params['output'] = None exec(obj, params) obj = params['output'] return obj def handler(event, context): print(json.dumps(event)) macro_response = { "requestId": event["requestId"], "status": "success" } try: params = { "params": event["templateParameterValues"], "template": event["fragment"], "account_id": event["accountId"], "region": event["region"] } response = event["fragment"] macro_response["fragment"] = obj_iterate(response, params) except Exception as e: traceback.print_exc() macro_response["status"] = "failure" macro_response["errorMessage"] = str(e) return macro_response Handler: index.handler Runtime: python3.6 Role: !GetAtt TransformExecutionRole.Arn TransformFunctionPermissions: Type: AWS::Lambda::Permission Properties: Action: 'lambda:InvokeFunction' FunctionName: !GetAtt TransformFunction.Arn Principal: 'cloudformation.amazonaws.com' Transform: Type: AWS::CloudFormation::Macro Properties: Name: !Sub 'PyPlate' Description: Processes inline python in templates FunctionName: !GetAtt TransformFunction.Arn