aws-sam-cli icon indicating copy to clipboard operation
aws-sam-cli copied to clipboard

Published 20 hours ago verified publisher icon aws

cli command to transform sam template to regular cloudformation template?

Open rhbecker opened this issue 5 years ago • 10 comments

Describe your idea/feature/enhancement

I believe it could be useful to add a command to allow a user to see the cloudformation template produced after serverless transforms are applied.

Proposal

sam transform --template-file PATH --output-template-file PATH

Additional Details

A couple reasons I see value here:

  1. education - for a new user, there's mystery around the effects of using sam syntax ... e.g. what policies are going to be automatically generated based on various properties i specify

  2. some mechanisms in the wild are not yet friendly towards serverless transforms and being able to provide them with vanilla cloudformation, while still taking advantage of sam syntax during compose phase is a nice compromise

rhbecker avatar Apr 22 '19 03:04 rhbecker

@rhbecker Thanks for the issue. Marking as a feature request.

We surface the generated template in sam validate --debug. The generated template is logged when the debug flag is passed in. This can help you (and others) see the template but is defiantly not as convention as a command.

jfuss avatar Apr 22 '19 13:04 jfuss

I tried out the sam validate --debug suggested by @jfuss (thanks!), and it satisfies my immediate need, though obviously it's a bit less convenient to work with than the requested feature.

One issue I'll point out: The output it produced included anchors and aliases, which are apparently not supported by cloudformation. It was easy enough to manually edit in order to remove, but as part of this feature request, it would be ideal for the output of an added transform command to not include anchors and aliases.

rhbecker avatar Apr 22 '19 20:04 rhbecker

I'd like to weight in favor of this feature request as Transforms are not yet supported by StackSets as of Jan 2020:

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html#stacksets-macros

renanmontebelo avatar Jan 24 '20 03:01 renanmontebelo

Our group could also use this. Developers do a SAM build for local testing, but cloud engineers maintain a separate Cloud Formation template for deployment. Generating the CF template would reduce work and errors.

marty-brandon-nih avatar Apr 16 '20 20:04 marty-brandon-nih

Another upvote. I would want to use the SAM CLI to generate the CF template to be then aggregated as a child template in a parent application stack.

babeal avatar Apr 23 '20 20:04 babeal

Not a native CLI command but I found this script very helpful

ataylorme avatar Aug 04 '22 19:08 ataylorme

To get the final CloudFormation template that will be deployed, you can also get the change set with:

sam deploy --no-execute-changeset

Then get the processed template with:

aws cloudformation get-template --query TemplateBody --change-set-name <change-set-arn>

Or save this (not prod-ready) as transform.py:

import json
import sys
import uuid

import boto3


def transform(template: str) -> str:
    cfn = boto3.client("cloudformation")
    name = f"transform-{uuid.uuid4()}"
    change_set = cfn.create_change_set(
        TemplateBody=template,
        StackName=name,
        ChangeSetName=name,
        ChangeSetType="CREATE",
        Capabilities=[
            "CAPABILITY_IAM",
            "CAPABILITY_AUTO_EXPAND",
        ],
    )
    change_set_id = change_set["Id"]
    waiter = cfn.get_waiter("change_set_create_complete")
    waiter.wait(
        ChangeSetName=change_set_id,
        WaiterConfig={
            "Delay": 5,
        },
    )
    transformed = cfn.get_template(ChangeSetName=change_set_id)
    cfn.delete_stack(StackName=name)
    return json.dumps(transformed["TemplateBody"])


def main():
    print(transform(sys.stdin.read()))


if __name__ == "__main__":
    main()

Then transform using:

python transform.py < sam-template.yaml > cfn-template.json

hoffa avatar Aug 08 '22 17:08 hoffa

Wrote a Nix flake for the translator app:

Run like this:

$ nix run github:alexoundos/aws-sam-translator-app -- --help
usage: sam-translate.py [-h] [--template-file TEMPLATE_FILE] [--output-template OUTPUT_TEMPLATE]
                        [--s3-bucket S3_BUCKET] [--capabilities CAPABILITIES] [--stack-name STACK_NAME]
                        [--verbose] [--stdout]
                        [command]

Convert SAM templates to CloudFormation templates. Known limitations: cannot transform CodeUri pointing at
local directory.

positional arguments:
  command

options:
  -h, --help            show this help message and exit
  --template-file TEMPLATE_FILE
                        Location of SAM template to transform [default: template.yaml].
  --output-template OUTPUT_TEMPLATE
                        Location to store resulting CloudFormation template [default: transformed-
                        template.json].
  --s3-bucket S3_BUCKET
                        S3 bucket to use for SAM artifacts when using the `package` command
  --capabilities CAPABILITIES
                        Capabilities
  --stack-name STACK_NAME
                        Unique name for your CloudFormation Stack
  --verbose             Enables verbose logging
  --stdout              Write transformed template to stdout instead of a file

AleXoundOS avatar Feb 20 '24 03:02 AleXoundOS

I'm using this method:

https://github.com/aws/serverless-application-model/blob/develop/bin/sam-translate.py

nascit avatar Apr 25 '24 11:04 nascit

Any news on this feature request? Could really help our team in IaC scans

omriyoffe-panw avatar Aug 14 '24 11:08 omriyoffe-panw