Simplify mozdef-mq logic to get AMQP endpoint URI

Add clarification comments about the template not
being used

cloudy_mozdef/cloudformation/mozdef-mq.yml

@@ -1,5 +1,12 @@
 AWSTemplateFormatVersion: 2010-09-09
 Description: Creates MozDef Amazon MQ
+# This template is unused currently as Amazon MQ supports only amqp protocol 1.0
+# and MozDef expects to talk to a Rabbit MQ instance speaking the default Rabbit
+# MQ protocol of amqp protocol 0.9.1
+# https://aws.amazon.com/blogs/compute/migrating-from-rabbitmq-to-amazon-mq/
+# If AWS adds support for amqp 0.9.1 to Amazon MQ or if we refactor MozDef to speak
+# amqp 1.0 to Rabbit MQ (which can support amqp 1.0 with a plugin), then we can
+# move to using this template instead of running Rabbit MQ on an EC2 instance
 Parameters:
   MQUserParameter:
     Type: String
@@ -102,6 +109,7 @@ Resources:
     Type: AWS::Lambda::Function
     Condition: PasswordIsNotSet
     Properties:
+      Description: Function used within CloudFormation to generate a default strong password for use in the AmazonMQ Broker
       Code:
         ZipFile: |
           import cfnresponse
@@ -120,40 +128,12 @@ Resources:
         - Key: stack
           Value: !Ref AWS::StackName
       Timeout: 20
-  MQBrokerURLLookupLambdaFunction:
-    Type: AWS::Lambda::Function
-    Properties:
-      Code:
-        ZipFile: |
-          import cfnresponse
-          import boto3, secrets, string
-          from urllib.parse import urlparse
-          def handler(event, context):
-            response = boto3.client('mq').describe_broker(BrokerId=event['ResourceProperties']['BrokerID'])
-            url = urlparse(next(x for x in response['BrokerInstances'][0]['Endpoints'] if x.startswith('amqp+ssl://')))
-            response = {'URL': url.geturl(), 'HostName': url.hostname, 'Scheme': url.scheme, 'Port': url.port}
-            physical_id = ''.join(secrets.choice(string.ascii_uppercase + string.digits) for i in range(13))
-            cfnresponse.send(event, context, cfnresponse.SUCCESS, response, "MQBrokerURLLookup-%s" % physical_id)
-      Handler: index.handler
-      Runtime: python3.6
-      Role: !GetAtt CloudFormationLambdaIAMRole.Arn
-      Tags:
-        - Key: application
-          Value: mozdef
-        - Key: stack
-          Value: !Ref AWS::StackName
-      Timeout: 20
   DefaultPassword:
     Type: AWS::CloudFormation::CustomResource
     Condition: PasswordIsNotSet
     Properties:
       Length: 16
       ServiceToken: !GetAtt DefaultPasswordGeneratorLambdaFunction.Arn
-  MQBrokerURL:
-    Type: AWS::CloudFormation::CustomResource
-    Properties:
-      BrokerID: !Ref MozDefAmazonMQ
-      ServiceToken: !GetAtt MQBrokerURLLookupLambdaFunction.Arn
 Outputs:
   MQUser:
     Description: Username of the MQ user
@@ -163,10 +143,10 @@ Outputs:
     Value: !If [ PasswordIsSet, !Ref MQPasswordParameter, !GetAtt DefaultPassword.Password ]
   MQHostName:
     Description: Hostname of the AMQP broker
-    Value: !GetAtt MQBrokerURL.HostName
+    Value: !Select [ 0, !Split [ ':', !Select [ 2, !Split [ '/', !Select [ 0, !GetAtt 'MozDefAmazonMQ.AmqpEndpoints' ] ] ] ] ]
   MQScheme:
     Description: Scheme of the AMQP broker
-    Value: !GetAtt MQBrokerURL.Scheme
+    Value: !Select [ 0, !Split [ '/', !Select [ 0, !GetAtt 'MozDefAmazonMQ.AmqpEndpoints' ] ] ]
   MQPort:
     Description: Port of the AMQP broker
-    Value: !GetAtt MQBrokerURL.Port
+    Value: !Select [ 2, !Split [ ':', !Select [ 0, !GetAtt 'MozDefAmazonMQ.AmqpEndpoints' ] ] ]