/
sample.yaml
executable file
·144 lines (142 loc) · 4.32 KB
/
sample.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
ArtifactsBucket:
Type: String
Description: The S3 bucket where the artifacts are stored
Default: 'awsugblr-cnf-demo'
LambdaArtifactsKey:
Type: String
Description: The key from the S3 Bucket with the artifacts to deploy
Default: 'lambda-sample.zip'
FunctionName:
Type: String
Description: Name of the function
Default: 'lambda-apigateway-sns-test'
Resources:
LambdaApiGatewayRestApi:
Type: AWS::ApiGateway::RestApi
Properties:
ApiKeySourceType: HEADER
Description: An API Gateway with a Lambda Integration
EndpointConfiguration:
Types:
- EDGE
Name: lambda-api
LambdaApiGatewayResource:
Type: AWS::ApiGateway::Resource
Properties:
ParentId: !GetAtt LambdaApiGatewayRestApi.RootResourceId
PathPart: 'lambda'
RestApiId: !Ref LambdaApiGatewayRestApi
LambdaApiGatewayMethod:
Type: AWS::ApiGateway::Method
Properties:
ApiKeyRequired: false
AuthorizationType: NONE
HttpMethod: POST
Integration:
ConnectionType: INTERNET
Credentials: !GetAtt LambdaApiGatewayIamRole.Arn
IntegrationHttpMethod: POST
PassthroughBehavior: WHEN_NO_MATCH
TimeoutInMillis: 29000
Type: AWS_PROXY
Uri: !Sub 'arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${LambdaApiGatewaySNSTest.Arn}/invocations'
OperationName: 'lambda'
ResourceId: !Ref LambdaApiGatewayResource
RestApiId: !Ref LambdaApiGatewayRestApi
LambdaApiGatewayModel:
Type: AWS::ApiGateway::Model
Properties:
ContentType: 'application/json'
RestApiId: !Ref LambdaApiGatewayRestApi
Schema: {}
LambdaApiGatewayStage:
Type: AWS::ApiGateway::Stage
Properties:
DeploymentId: !Ref LambdaApiGatewayDeployment
Description: Lambda API Stage v0
RestApiId: !Ref LambdaApiGatewayRestApi
StageName: 'v0'
LambdaApiGatewayDeployment:
Type: AWS::ApiGateway::Deployment
DependsOn: LambdaApiGatewayMethod
Properties:
Description: Lambda API Deployment
RestApiId: !Ref LambdaApiGatewayRestApi
LambdaApiGatewayIamRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Sid: ''
Effect: 'Allow'
Principal:
Service:
- 'apigateway.amazonaws.com'
Action:
- 'sts:AssumeRole'
Path: '/'
Policies:
- PolicyName: LambdaAccess
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Action: 'lambda:*'
Resource: !GetAtt LambdaApiGatewaySNSTest.Arn
LambdaApiGatewaySNSTest:
Type: AWS::Lambda::Function
Properties:
Description: To test apigateway ans sns on OnFailure
Handler: index.handler
Runtime: nodejs12.x
FunctionName: !Ref FunctionName
Code:
S3Bucket: !Ref ArtifactsBucket
S3Key: !Ref LambdaArtifactsKey
Role: !GetAtt LambdaIamRole.Arn
MemorySize: 128
Timeout: 60
LambdaIamRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Principal:
Service:
- 'lambda.amazonaws.com'
- 'sns.amazonaws.com'
Action:
- 'sts:AssumeRole'
Policies:
- PolicyName: root
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- sns:*
Resource: arn:aws:sns:*:*:*
Path: '/'
LambdaEmailAlertSNSTopic:
Type: AWS::SNS::Topic
Properties:
TopicName: lambda-apigateway-sns-test-execution
DisplayName: lambda-apigateway-sns-test-execution
Subscription:
- Endpoint: "example@gmail.com"
Protocol: "EMAIL-JSON"
LambdaEventInvokeConfig:
Type: AWS::Lambda::EventInvokeConfig
Properties:
FunctionName: !Ref LambdaApiGatewaySNSTest
Qualifier: "$LATEST"
MaximumEventAgeInSeconds: 600
MaximumRetryAttempts: 0
DestinationConfig:
OnFailure:
Destination: !Ref LambdaEmailAlertSNSTopic