{CloudFormation}カスタムリソース

https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/walkthrough-custom-resources-lambda-lookup-amiids.html

カスタムリソースを使用すると、テンプレートにカスタムのプロビジョニングロジックを記述し、
ユーザーがスタックを作成、更新、削除するたびに AWS CloudFormation がそれを実行します。


-- 1. コマンド等のインストール

-- 1.1 aws cli version 2 インストール

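# Download the installer with -f so an HTTP error page is never written to
# awscliv2.zip and then unpacked and run under sudo.
curl -f "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
# AWS publishes a detached PGP signature next to the archive. Import the AWS
# CLI public key from the install documentation first; the verify step must
# succeed before anything from the archive is executed as root.
curl -f "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip.sig" -o "awscliv2.sig"
gpg --verify awscliv2.sig awscliv2.zip
unzip awscliv2.zip
sudo ./aws/install
aws --version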

-- 1.2 コマンドインストール
# jq (command-line JSON processor); handy for reading the CLI's JSON output,
# although none of the commands in these notes pipe into it.
sudo yum install -y jq

-- 2. S3 バケットを作成する

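# Bucket names are global, so this name must be unique across all AWS
# accounts; bucket123 is the name used throughout these notes.
aws s3 mb s3://bucket123
# The bucket only has to be readable by CloudFormation/Lambda in this
# account; make the no-public-access posture explicit instead of relying on
# the account or service default.
aws s3api put-public-access-block \
--bucket bucket123 \
--public-access-block-configuration BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true

aws s3 ls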

-- 3. Lambda用サンプルパッケージのアップロード

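wget https://s3.amazonaws.com/cloudformation-examples/lambda/amilookup.zip
# List the archive before unpacking: this code will run in the account with
# ec2:DescribeImages permission, so look at what is in it.
unzip -l amilookup.zip
unzip amilookup.zip
sed -i.bk 's/amzn-ami-hvm/amzn2-ami-kernel-5.10-hvm/' amilookup.js
diff amilookup.js.bk amilookup.js
# NOTE(review): confirm that amilookup.js filters DescribeImages by image
# owner as well as by name; a name-only filter can match images published by
# other accounts.
zip amilookup.zip amilookup.js
# Record the digest of the package that is actually uploaded so a later
# change to the object can be detected.
sha256sum amilookup.zip

aws s3api put-object --bucket bucket123 --key amilookup.zip --body amilookup.zip --content-type application/zip

aws s3 ls s3://bucket123 --recursive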


-- 4. スタック作成

# Write the template that follows to a.yaml.
vim -- a.yaml

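AWSTemplateFormatVersion: '2010-09-09'
Description: Custom Resource test
Parameters:
  InstanceType:
    Description: EC2 instance type
    Type: String
    Default: t3.nano
    AllowedValues:
    - t3.nano
    - t3.micro
    - t3.small
    ConstraintDescription: Must be a valid EC2 instance type.
  ModuleName:
    Description: The name of the JavaScript file
    Type: String
    Default: amilookup
  # No default: the bucket name is supplied with --parameters at create time.
  S3Bucket:
    Description: The name of the bucket that contains your packaged source
    Type: String
  S3Key:
    Description: The name of the ZIP package
    Type: String
    Default: amilookup.zip
Mappings:
  # All allowed instance types currently map to the same architecture.
  AWSInstanceType2Arch:
    t3.nano:
      Arch: HVM64
    t3.micro:
      Arch: HVM64
    t3.small:
      Arch: HVM64

Resources:
  SampleInstance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType:
        Ref: InstanceType
      # The AMI is whatever the custom resource returned as its Id attribute.
      ImageId:
        Fn::GetAtt:
        - AMIInfo
        - Id
  # Custom resource: CloudFormation invokes AMIInfoFunction on create, update
  # and delete, passing the properties below to it.
  AMIInfo:
    Type: Custom::AMIInfo
    Properties:
      ServiceToken:
        Fn::GetAtt:
        - AMIInfoFunction
        - Arn
      Region:
        Ref: AWS::Region
      Architecture:
        Fn::FindInMap:
        - AWSInstanceType2Arch
        - Ref: InstanceType
        - Arch
  AMIInfoFunction:
    Type: AWS::Lambda::Function
    Properties:
      Code:
        S3Bucket:
          Ref: S3Bucket
        S3Key:
          Ref: S3Key
      # "<ModuleName>.handler": the exported handler of the uploaded module.
      Handler:
        Fn::Join:
        - ''
        - - Ref: ModuleName
          - ".handler"
      Role:
        Fn::GetAtt:
        - LambdaExecutionRole
        - Arn
      # NOTE(review): nodejs12.x is a deprecated Lambda runtime and new
      # functions can no longer be created on it. Newer Node.js runtimes do
      # not bundle the v2 aws-sdk, so check what amilookup.js requires before
      # bumping this value.
      Runtime: nodejs12.x
      # Seconds; the property is an integer, so it is written unquoted.
      Timeout: 30
  LambdaExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
        - Effect: Allow
          Principal:
            Service:
            - lambda.amazonaws.com
          Action:
          - sts:AssumeRole
      Path: "/"
      Policies:
      - PolicyName: root
        PolicyDocument:
          Version: '2012-10-17'
          Statement:
          # Logging is limited to Lambda log groups in this account and
          # region rather than every log group in every account.
          - Effect: Allow
            Action:
            - logs:CreateLogGroup
            - logs:CreateLogStream
            - logs:PutLogEvents
            Resource:
              Fn::Sub: 'arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/*:*'
          # ec2:DescribeImages does not support resource-level permissions,
          # so "*" is the only valid resource for it.
          - Effect: Allow
            Action:
            - ec2:DescribeImages
            Resource: "*"
Outputs:
  AMIID:
    Description: The Amazon EC2 instance AMI ID.
    Value:
      Fn::GetAtt:
      - AMIInfo
      - Id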

 

 

# Syntax/schema check of the template only; nothing is created.
aws cloudformation validate-template --template-body file://a.yaml


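# CAPABILITY_IAM is required because the template creates an IAM role
# (LambdaExecutionRole); S3Bucket has no default, so it is passed here.
aws cloudformation create-stack \
--stack-name stack01 \
--template-body file://a.yaml \
--parameters ParameterKey=S3Bucket,ParameterValue=bucket123 \
--capabilities CAPABILITY_IAM

# Block until the stack reaches CREATE_COMPLETE (non-zero exit on failure or
# rollback), so the describe calls that follow show the final state.
aws cloudformation wait stack-create-complete \
--stack-name stack01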

 

-- 5. スタック一覧

# Stack-level status and the Outputs section (AMIID).
aws cloudformation describe-stacks --stack-name stack01

# Per-resource status and physical IDs (instance, custom resource, function,
# role).
aws cloudformation describe-stack-resources --stack-name stack01

 

-- 6. クリーンアップ

-- スタック削除
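aws cloudformation delete-stack \
--stack-name stack01

# Wait until the instance, function and role are actually gone (and the
# deletion did not fail) before removing the bucket.
aws cloudformation wait stack-delete-complete \
--stack-name stack01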


-- バケットの削除
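aws s3 ls
# --force deletes every object in the bucket before removing it; list what
# is about to be destroyed first.
aws s3 ls s3://bucket123 --recursive
aws s3 rb s3://bucket123 --force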