knakayama/lambda-acm.yml

## lambda-acm.yml
  LambdaACM:
    Type: AWS::Lambda::Function
    Properties:
      Code:
        ZipFile: |
          import boto3
          import cfnresponse
          def handler(event, context):
              acm = boto3.session.Session(region_name='us-east-1').client('acm')
              static_site_domain = event['ResourceProperties']['StaticSiteDomain']
              print(static_site_domain)
              if event['RequestType'] == 'Delete':
                  resp = acm.list_certificates()
                  acm_summary_list = resp['CertificateSummaryList']
                  while 'NextToken' in resp:
                      resp = acm.list_certificates(NextToken=resp['NextToken'])
                      acm_summary_list.extend(resp['CertificateSummaryList'])
                  for acm_summary in acm_summary_list:
                      print(acm_summary['DomainName'])
                      if acm_summary['DomainName'] == static_site_domain:
                          try:
                              acm.delete_certificate(CertificateArn=acm_summary['CertificateArn'])
                          except Exception:
                              cfnresponse.send(event, context, cfnresponse.FAILED, {})
                          else:
                              cfnresponse.send(event, context, cfnresponse.SUCCESS, {})
                  cfnresponse.send(event, context, cfnresponse.SUCCESS, {})
              try:
                  resp = acm.request_certificate(
                          DomainName=static_site_domain,
                          DomainValidationOptions=[{
                              'DomainName': static_site_domain,
                              'ValidationDomain': '.'.join(static_site_domain.split('.')[1:])}])
              except Exception:
                  cfnresponse.send(event, context, cfnresponse.FAILED, {})
              else:
                  response_data = {}
                  response_data['CertificateArn'] = resp['CertificateArn']
                  cfnresponse.send(event, context, cfnresponse.SUCCESS, response_data)
      Handler: index.handler
      Role: !GetAtt LambdaACMRole.Arn
      Runtime: python2.7
      Timeout: 30
	LambdaACM:
	Type: AWS::Lambda::Function
	Properties:
	Code:
	ZipFile: \|
	import boto3
	import cfnresponse
	def handler(event, context):
	acm = boto3.session.Session(region_name='us-east-1').client('acm')
	static_site_domain = event['ResourceProperties']['StaticSiteDomain']
	print(static_site_domain)
	if event['RequestType'] == 'Delete':
	resp = acm.list_certificates()
	acm_summary_list = resp['CertificateSummaryList']
	while 'NextToken' in resp:
	resp = acm.list_certificates(NextToken=resp['NextToken'])
	acm_summary_list.extend(resp['CertificateSummaryList'])
	for acm_summary in acm_summary_list:
	print(acm_summary['DomainName'])
	if acm_summary['DomainName'] == static_site_domain:
	try:
	acm.delete_certificate(CertificateArn=acm_summary['CertificateArn'])
	except Exception:
	cfnresponse.send(event, context, cfnresponse.FAILED, {})
	else:
	cfnresponse.send(event, context, cfnresponse.SUCCESS, {})
	cfnresponse.send(event, context, cfnresponse.SUCCESS, {})
	try:
	resp = acm.request_certificate(
	DomainName=static_site_domain,
	DomainValidationOptions=[{
	'DomainName': static_site_domain,
	'ValidationDomain': '.'.join(static_site_domain.split('.')[1:])}])
	except Exception:
	cfnresponse.send(event, context, cfnresponse.FAILED, {})
	else:
	response_data = {}
	response_data['CertificateArn'] = resp['CertificateArn']
	cfnresponse.send(event, context, cfnresponse.SUCCESS, response_data)
	Handler: index.handler
	Role: !GetAtt LambdaACMRole.Arn
	Runtime: python2.7
	Timeout: 30