UNPKG

@mapbox/cloudfriend

Version:

Helper functions for assembling CloudFormation templates in JavaScript

github.com/mapbox/cloudfriend

mapbox/cloudfriend

136 lines (127 loc) 5.04 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
'use strict'; const Lambda = require('./lambda'); const merge = require('../merge'); const ServiceRole = require('./service-role'); /** * A Lambda function that runs on in response to a CloudWatch Event. Includes * a Log Group, a Role, an Alarm on function errors, a CloudWatch Event Rule, and * a Lambda permission. * * @param {Object} options - Extends the options for [`Lambda`](#lambda) with the following additional attributes: * @param {String} options.ScheduleExpression - See [AWS documentation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-scheduleexpression). * @param {String} [options.ScheduleRoleArn=undefined] If specified, the eventbridge scheduler schedule will use this role to invoke your lambda . If not specified a service role with the correct scoped permissions is created for you. * See [AWS documentation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-rolearn) * @param {String} [options.ScheduleGroupName=undefined] - If specified, the eventbridge scheduler schedule is associated with this preexisting schedule group. * If not specified the schedule is associated with the default schedule group. Note you cannot change a schedule's schedule group once it has been already associated with a schedule group. * See [AWS documentation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-groupname). * @param {String} [options.State='ENABLED'] - See [AWS documentation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-state). * * @example * const cf = require('@mapbox/cloudfriend'); * * const myTemplate = { ... }; * * // A scheduler service role is already created for you internally with the correct permissions * const lambda = new cf.shortcuts.ScheduledLambda({ * LogicalName: 'MyLambda', * Code: { * S3Bucket: 'my-code-bucket', * S3Key: 'path/to/code.zip' * }, * ScheduleExpression: 'cron(45 * * * ? *)', * }); * * module.exports = cf.merge(myTemplate, lambda); * * @example * const cf = require('@mapbox/cloudfriend'); * * const myTemplate = { ... }; * * // If you are creating your own scheduler service role, be sure your permissions are correct! * const role = new cf.shortcuts.ServiceRole({ * LogicalName: 'MyRole', * Service: 'scheduler.amazonaws.com', * Statement: [ * { * Effect: 'Allow', * Action: 'lambda:InvokeFunction', * Resource: cf.sub('arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:${AWS::StackName}-*') * } * ] * }); * * const lambda = new cf.shortcuts.ScheduledLambda({ * LogicalName: 'MyLambda', * Code: { * S3Bucket: 'my-code-bucket', * S3Key: 'path/to/code.zip' * }, * ScheduleRoleArn: cf.getAtt('MyRole', 'Arn'), * ScheduleExpression: 'rate(1 hour)', * }); * * module.exports = cf.merge(myTemplate, role, lambda); */ class ScheduledLambda extends Lambda { constructor(options) { if (!options) throw new Error('Options required'); super(options); const { ScheduleExpression, ScheduleRoleArn, ScheduleGroupName, State = 'ENABLED' } = options; const required = [ScheduleExpression]; if (required.some((variable) => !variable)) throw new Error('You must provide a ScheduleExpression'); this.Resources[`${this.LogicalName}Scheduler`] = { Type: 'AWS::Scheduler::Schedule', Condition: this.Condition, Properties: { Name: this.FunctionName, Description: { 'Fn::Sub': [ 'Schedule for ${function} in ${AWS::StackName} stack', { function: this.FunctionName } ] }, State, ScheduleExpression, FlexibleTimeWindow: { Mode: 'OFF' }, Target: { Arn: { 'Fn::GetAtt': [this.LogicalName, 'Arn'] } } } }; if (ScheduleGroupName) { this.Resources[`${this.LogicalName}Scheduler`].Properties.GroupName = ScheduleGroupName; } if (ScheduleRoleArn) { this.Resources[`${this.LogicalName}Scheduler`].Properties.Target.RoleArn = ScheduleRoleArn; } else { const serviceRole = new ServiceRole({ LogicalName: `${this.LogicalName}SchedulerRole`, Service: 'scheduler.amazonaws.com', Condition: this.Condition, Statement: [ { Effect: 'Allow', Action: 'lambda:InvokeFunction', Resource: { 'Fn::GetAtt': [this.LogicalName, 'Arn'] } } ] }); this.Resources[`${this.LogicalName}Scheduler`].Properties.Target.RoleArn = { 'Fn::GetAtt': [`${this.LogicalName}SchedulerRole`, 'Arn'] }; this.Resources = merge(this, serviceRole).Resources; } } } module.exports = ScheduledLambda;