-
Notifications
You must be signed in to change notification settings - Fork 11
/
template.yaml
144 lines (134 loc) · 5.77 KB
/
template.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
Serverless Form Handler - It accepts a form submission from a webpage, saving the data to a DynamoDB. This also creates a Step Functions State Machine that sends an email via SES. You will need to add/edit the API integration to trigger the Step Function.
##########################################################################
# Parameters & Globals #
##########################################################################
Parameters:
ValidatedEmail:
Type: String
Description: (Required) A validated SES email address for receiving new submissions.
MaxLength: 70
Default: validated@email.com
MinLength: 4
ConstraintDescription: Required. Must be a SES verified email address.
# More info about Globals: https://github.com/awslabs/serverless-application-model/blob/master/docs/globals.rst
Globals:
Function:
Timeout: 10
Handler: index.handler
Runtime: nodejs16.x
MemorySize: 128
Tracing: Active
Resources:
##########################################################################
# Dynamo DB Table #
##########################################################################
FormDataTable:
Type: AWS::DynamoDB::Table
Properties:
AttributeDefinitions:
- AttributeName: formId
AttributeType: S
KeySchema:
- AttributeName: formId
KeyType: HASH
BillingMode: PAY_PER_REQUEST
##########################################################################
# Lambda Function #
##########################################################################
GenerateRefernceNumber:
Type: AWS::Serverless::Function # More info about Function Resource: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction
Properties:
CodeUri: functions/GenerateRefernceNumber/
##########################################################################
# Step Function #
##########################################################################
ProcessFormStateMachineExpressSync:
Type: AWS::Serverless::StateMachine # More info about State Machine Resource: https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-statemachine.html
Properties:
DefinitionUri: statemachine/sfn-template.asl.json
Tracing:
Enabled: true
DefinitionSubstitutions:
GenerateRefernceNumber: !Ref GenerateRefernceNumber
DDBTable: !Ref FormDataTable
ValidatedEmail: !Ref ValidatedEmail
Policies: # Find out more about SAM policy templates: https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-policy-templates.html
- LambdaInvokePolicy:
FunctionName: !Ref GenerateRefernceNumber
- DynamoDBWritePolicy:
TableName: !Ref FormDataTable
- ComprehendBasicAccessPolicy: {}
# CW Logs Policy
- Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- "cloudwatch:*"
- "logs:*"
Resource: "*"
- SESCrudPolicy:
IdentityName: !Ref ValidatedEmail
Type: EXPRESS
Logging:
Destinations:
- CloudWatchLogsLogGroup:
LogGroupArn: !GetAtt StateMachineLogGroup.Arn
IncludeExecutionData: false
Level: 'ALL'
##########################################################################
# Step Function Log Group #
##########################################################################
StateMachineLogGroup:
Type: AWS::Logs::LogGroup
Properties:
LogGroupName: !Join [ "/", [ "stepfunctions", ProcessFormStateMachineExpressSync]]
##########################################################################
# HTTP API #
##########################################################################
HttpApiforSyncWF:
Type: AWS::Serverless::HttpApi
Properties:
DefinitionBody:
'Fn::Transform':
Name: 'AWS::Include'
Parameters:
Location: 'api.yaml'
##########################################################################
# Roles #
##########################################################################
HttpApiRole:
Type: 'AWS::IAM::Role'
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service:
- apigateway.amazonaws.com
Action:
- 'sts:AssumeRole'
Policies:
- PolicyName: AllowSFNExec
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action: "states:StartSyncExecution"
Resource: !GetAtt ProcessFormStateMachineExpressSync.Arn
##########################################################################
# Outputs #
##########################################################################
Outputs:
FormDataTable:
Description: DynamoDB Table
Value: !Ref FormDataTable
HelloWorldApi:
Description: "Sync WF API endpoint"
Value: !Sub "https://${HttpApiforSyncWF}.execute-api.${AWS::Region}.amazonaws.com"
StepFunctions:
Description: "Step Functions"
Value: !GetAtt ProcessFormStateMachineExpressSync.Arn