serverless-dynamodb-autoscaling/src/aws/role.ts

Serverless Plugin for Amazon DynamoDB Auto Scaling.

import Resource from './resource'

export default class Role extends Resource {
  private readonly type: string = 'AWS::IAM::Role'
  private readonly version: string = '2012-10-17'
  private readonly actions = {
    CloudWatch: [
      'cloudwatch:PutMetricAlarm',
      'cloudwatch:DescribeAlarms',
      'cloudwatch:DeleteAlarms',
      'cloudwatch:GetMetricStatistics',
      'cloudwatch:SetAlarmState'
    ],
    DynamoDB: [
      'dynamodb:DescribeTable',
      'dynamodb:UpdateTable'
    ]
  }

  constructor (
    options: Options
  ) { super(options) }

  public toJSON(): any {
    const RoleName = this.name.role()
    const PolicyName = this.name.policyRole()

    const DependsOn = [ this.options.table ].concat(this.dependencies)
    const Principal = this.principal()
    const Version = this.version
    const Type = this.type

    return {
      [RoleName]: {
        DependsOn,
        Properties: {
          AssumeRolePolicyDocument: {
            Statement: [
              { Action: 'sts:AssumeRole', Effect: 'Allow', Principal }
            ],
            Version
          },
          Policies: [
            {
              PolicyDocument: {
                Statement: [
                  { Action: this.actions.CloudWatch, Effect: 'Allow', Resource: '*' },
                  { Action: this.actions.DynamoDB, Effect: 'Allow', Resource: this.resource() }
                ],
                Version
              },
              PolicyName
            }
          ],
          RoleName
        },
        Type
      }
    }
  }

  private resource(): {} {
    return {
      'Fn::Join': [ '', [ 'arn:aws:dynamodb:*:', { Ref: 'AWS::AccountId' }, ':table/', { Ref: this.options.table } ] ]
    }
  }

  private principal(): {} {
    return {
      Service: 'application-autoscaling.amazonaws.com'
    }
  }
}