You need to upload packaged resource handler (wrzasqpl-aws-edgedeploy.zip
from GitHub Releases) to your S3 bucket. Afterwards you can just execute following template:
Resources: LogGroup: Type: "AWS::Logs::LogGroup" Properties: LogGroupName: "/aws/cloudformation/type/WrzasqPl-AWS-EdgeDeploy/" RetentionInDays: 14 ExecutionRole: Type: "AWS::IAM::Role" Properties: AssumeRolePolicyDocument: Version: "2012-10-17" Statement: - Effect: "Allow" Principal: Service: "resources.cloudformation.amazonaws.com" Action: "sts:AssumeRole" Policies: - PolicyName: "AllowLoadingPackages" PolicyDocument: Version: "2012-10-17" Statement: - Action: - "s3:GetBucketLocation" - "s3:GetObject" Effect: "Allow" Resource: - "*" - PolicyName: "AllowManagingEdgeLambdas" PolicyDocument: Version: "2012-10-17" Statement: - Action: - "lambda:CreateFunction" - "lambda:DeleteFunction" - "lambda:GetFunction" - "lambda:GetFunctionConfiguration" - "lambda:ListTags" - "lambda:ListVersionsByFunction" - "lambda:PublishVersion" - "lambda:TagResource" - "lambda:UntagResource" - "lambda:UpdateFunctionCode" - "lambda:UpdateFunctionConfiguration" Effect: "Allow" Resource: - !Sub "arn:aws:lambda:us-east-1:${AWS::AccountId}:function:*" - PolicyName: "AllowPassingEdgeRole" PolicyDocument: Version: "2012-10-17" Statement: - Action: - "iam:PassRole" Effect: "Allow" Resource: - "*" LoggingRole: Type: "AWS::IAM::Role" Properties: AssumeRolePolicyDocument: Version: "2012-10-17" Statement: - Effect: "Allow" Principal: Service: "resources.cloudformation.amazonaws.com" Action: "sts:AssumeRole" Policies: - PolicyName: "AllowSendingMetrics" PolicyDocument: Version: "2012-10-17" Statement: - Effect: "Allow" Action: - "cloudwatch:ListMetrics" - "cloudwatch:PutMetricData" - "logs:CreateLogGroup" - "logs:CreateLogStream" - "logs:DescribeLogGroups" - "logs:DescribeLogStreams" - "logs:PutLogEvents" Resource: - "*" EdgeDeployHandler: Type: "AWS::CloudFormation::ResourceVersion" Properties: ExecutionRoleArn: !GetAtt "ExecutionRole.Arn" LoggingConfig: LogGroupName: !Ref "LogGroup" LogRoleArn: !GetAtt "LoggingRole.Arn" SchemaHandlerPackage: "s3://your-bucket-name/wrzasqpl-aws-edgedeploy.zip" TypeName: "WrzasqPl::AWS::EdgeDeploy" EdgeDeployVersion: Type: "AWS::CloudFormation::ResourceDefaultVersion" Properties: TypeVersionArn: !Ref "EdgeDeployHandler"
The easiest way to distribute such package would be AWS Serverless Repository, but unfortunately it doesn’t support AWS::CloudFormation::ResourceVersion
and AWS::CloudFormation::ResourceDefaultVersion
resource types.