-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtemplate.json
More file actions
112 lines (112 loc) · 5.09 KB
/
template.json
File metadata and controls
112 lines (112 loc) · 5.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
{
"AWSTemplateFormatVersion":"2010-09-09",
"Description":"Stack to create the add responsibility system",
"Resources": {
"AddResponsibilityRole": {
"Type":"AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version":"2012-10-17",
"Statement":[ {"Effect":"Allow", "Principal": {"Service":["lambda.amazonaws.com"]}, "Action":["sts:AssumeRole"] }]
},
"Path":"/",
"Policies":[ {
"PolicyName":"AddResponsibilityPolicy",
"PolicyDocument": {
"Version":"2012-10-17",
"Statement":[ {
"Effect":"Allow",
"Action":["logs:*"],
"Resource":"arn:aws:logs:*:*:*"
}, {
"Effect":"Allow",
"Action":["dynamodb:Query", "dynamodb:BatchWriteItem"],
"Resource":"arn:aws:dynamodb:eu-west-1:209523969378:table/responsibility-store"
}, {
"Effect":"Allow",
"Action":["dynamodb:GetItem", "dynamodb:Query", "dynamodb:BatchWriteItem"],
"Resource":"arn:aws:dynamodb:eu-west-1:209523969378:table/emergency-contact-store"
}, {
"Effect":"Allow",
"Action":["dynamodb:Query"],
"Resource":"arn:aws:dynamodb:eu-west-1:209523969378:table/emergency-contact-store/index/email-Index"
}, {
"Effect":"Allow",
"Action":["dynamodb:Query"],
"Resource":"arn:aws:dynamodb:eu-west-1:209523969378:table/responsibility-store/index/greenID-Index"
}, {
"Effect":"Allow",
"Action":["sqs:ReceiveMessage", "sqs:DeleteMessage", "sqs:GetQueueAttributes"],
"Resource": {"Fn::GetAtt":["AddResponsibilityQueue", "Arn"]}
}, {
"Effect":"Allow",
"Action":["sqs:SendMessage"],
"Resource": {"Fn::GetAtt":["AddResponsibilityQueueDLQ", "Arn"]}
},
{
"Effect":"Allow",
"Action":["ses:SendTemplatedEmail"],
"Resource": "arn:aws:ses:eu-west-1:209523969378:identity/*",
"Condition":{
"StringEquals":{
"ses:FromAddress": "donotreply@safe-step.net"
}
}
}
]
}
}]
}
},
"AddResponsibilityQueue": {
"Type":"AWS::SQS::Queue",
"Properties": {
"DelaySeconds": 0,
"ReceiveMessageWaitTimeSeconds": 1,
"QueueName": "add-responsibility-queue",
"RedrivePolicy": {
"deadLetterTargetArn": {"Fn::GetAtt":["AddResponsibilityQueueDLQ", "Arn"]},
"maxReceiveCount": 3
}
}
},
"AddResponsibilityQueueDLQ": {
"Type":"AWS::SQS::Queue",
"Properties": {
"DelaySeconds": 0,
"QueueName": "add-responsibility-queue-dlq"
}
},
"AddResponsibilityLambda": {
"Type":"AWS::Lambda::Function",
"Properties": {
"FunctionName":"add-responsibility",
"Role": {"Fn::GetAtt":["AddResponsibilityRole", "Arn"] },
"Runtime":"nodejs12.x",
"Handler":"dist/index.handler",
"DeadLetterConfig": {
"TargetArn": {"Fn::GetAtt":["AddResponsibilityQueueDLQ", "Arn"] }
},
"Code": {
"S3Bucket":"safe-step-lambda-functions-source",
"S3Key":"add-responsibility.zip",
"S3ObjectVersion": "OVERWRITTEN"
},
"Environment": {
"Variables": {
"NODE_ENV": "production"
}
}
}
},
"AddResponsibilityLambdaEventSourceMapping" : {
"Type": "AWS::Lambda::EventSourceMapping",
"Properties": {
"BatchSize": 5,
"Enabled": true,
"EventSourceArn": {"Fn::GetAtt":["AddResponsibilityQueue", "Arn"]},
"FunctionName": {"Fn::GetAtt":["AddResponsibilityLambda", "Arn"]}
}
}
}
}