@incdevco/framework

{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "action topic stack", "Parameters": { "AssetsAlarmArn": { "Type": "String" }, "AssetsBucket": { "Type": "String" }, "ConsumerFunctionS3ObjectKey": { "Type": "String" }, "ConsumerFunctionS3ObjectVersion": { "Type": "String" }, "ConsumerFunctionDurationAlarmThreshold": { "Default": 150000.0, "Type": "Number" }, "ConsumerFunctionInvocationAlarmThreshold": { "Default": 10.0, "Type": "Number" }, "ConsumerFunctionMemorySize": { "Default": 128, "Type": "Number" }, "ConsumerFunctionRunTime": { "Default": "nodejs6.10", "Type": "String" }, "ConsumerFunctionTimeout": { "Default": "120", "Type": "String" }, "CustomCFResourceFunctionArn": { "Type": "String" }, "DeadLetterQueueArn": { "Default": "", "Type": "String" }, "DeadLetterQueueMessageRetentionPeriod": { "Default": 1209600, "Type": "Number" }, "DeadLetterQueueUrl": { "Default": "", "Type": "String" }, "EventLogArn": { "Default": "", "Type": "String" }, "EventLogSubscriptionRoleArn": { "Default": "", "Type": "String" }, "Stage": { "Type": "String" }, }, "Conditions": { "IsDevelopment": {"Fn::Not": [{"Fn::Equals": ["production", {"Ref": "Stage"}]}]}, "IsProduction": {"Fn::Equals": ["production", {"Ref": "Stage"}]}, "NoDeadLetterQueue": {"Fn::Equals": ["", {"Ref": "DeadLetterQueueArn"}]} }, "Outputs": { "ConsumerFunctionName": { "Value": {"Fn::GetAtt": ["ConsumerFunctionStack", "Outputs.FunctionName"]} }, "ConsumerFunctionRoleArn": { "Value": {"Fn::GetAtt": ["ConsumerFunctionRole", "Arn"]} }, "ConsumerFunctionRoleName": { "Value": {"Ref": "ConsumerFunctionRole"} }, "DeadLetterQueueArn": { "Value": {"Fn::If": [ "NoDeadLetterQueue", {"Fn::GetAtt": ["DeadLetterQueue", "Arn"]}, {"Ref": "DeadLetterQueueArn"} ]} }, "DeadLetterQueueUrl": { "Value": {"Fn::If": [ "NoDeadLetterQueue", {"Ref": "DeadLetterQueue"}, {"Ref": "DeadLetterQueueUrl"} ]} }, "TopicArn": { "Value": {"Ref": "Topic"} } }, "Mappings": {}, "Resources": { "ConsumerFunctionRole": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }, "Path": "/", "Policies": [ { "PolicyName": "cloudwatch", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams" ], "Resource": [ "arn:aws:logs:*:*:*" ] } ] } }, { "PolicyName": "dynamodb", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:DeleteItem", "dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Query", "dynamodb:Scan", "dynamodb:UpdateItem" ], "Resource": "*" } ] } }, { "PolicyName": "firehose", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "firehose:PutRecord", "Resource": "*" } ] } }, { "PolicyName": "kms", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "kms:Decrypt", "kms:Encrypt" ], "Resource": "*" } ] } }, { "PolicyName": "sns", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "sns:*", "Resource": "*" } ] } }, { "PolicyName": "sqs", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "sqs:*", "Resource": "*" } ] } } ] } }, "ConsumerFunctionStack": { "Type": "AWS::CloudFormation::Stack", "Properties": { "NotificationARNs": {"Ref": "AWS::NotificationARNs"}, "Parameters": { "AlarmActionsArn": {"Ref": "AssetsAlarmArn"}, "CodeS3Bucket": {"Ref": "AssetsBucket"}, "CodeS3ObjectKey": {"Ref": "ConsumerFunctionS3ObjectKey"}, "CodeS3ObjectVersion": {"Ref": "ConsumerFunctionS3ObjectVersion"}, "CustomCFResourceFunctionArn": {"Ref": "CustomCFResourceFunctionArn"}, "DeadLetterQueueArn": {"Fn::If": [ "NoDeadLetterQueue", {"Fn::GetAtt": ["DeadLetterQueue", "Arn"]}, {"Ref": "DeadLetterQueueArn"} ]}, "Description": "will consume actions published to topic arn", "DurationAlarmThreshold": {"Ref": "ConsumerFunctionDurationAlarmThreshold"}, "EventLogArn": {"Ref": "EventLogArn"}, "EventLogSubscriptionRoleArn": {"Ref": "EventLogSubscriptionRoleArn"}, "InvocationAlarmThreshold": {"Ref": "ConsumerFunctionInvocationAlarmThreshold"}, "MemorySize": {"Ref": "ConsumerFunctionMemorySize"}, "RoleArn": {"Fn::GetAtt": ["ConsumerFunctionRole", "Arn"]}, "RoleName": {"Ref": "ConsumerFunctionRole"}, "Runtime": {"Ref": "ConsumerFunctionRunTime"}, "Timeout": {"Ref": "ConsumerFunctionTimeout"} }, "TemplateURL": {"Fn::Join": ["", [ "https://s3-", {"Ref": "AWS::Region"}, ".amazonaws.com/", {"Ref": "AssetsBucket"}, "/incdevco-cf-templates/lambda/function/stack.json" ]]} } }, "DeadLetterQueue": { "Condition": "NoDeadLetterQueue", "DeletionPolicy": "Retain", "Type": "AWS::SQS::Queue", "Properties": { "MessageRetentionPeriod": {"Ref": "DeadLetterQueueMessageRetentionPeriod"} } }, "Permission": { "Type": "AWS::Lambda::Permission", "Properties": { "FunctionName": {"Fn::GetAtt": ["ConsumerFunctionStack", "Outputs.FunctionName"]}, "Principal": "sns.amazonaws.com", "Action": "lambda:InvokeFunction", "SourceArn": {"Ref": "Topic"} } }, "Subscription": { "Type": "AWS::SNS::Subscription", "Properties": { "Endpoint": {"Fn::GetAtt": ["ConsumerFunctionStack", "Outputs.FunctionArn"]}, "Protocol": "lambda", "TopicArn": {"Ref": "Topic"} } }, "Topic": { "Type": "AWS::SNS::Topic", "Properties": { } } } }