Last active
July 8, 2020 23:32
-
-
Save diondree/f9509bdb70a83b30d19a13b965e5e667 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "AWSTemplateFormatVersion": "2010-09-09", | |
| "Description": "Lambda resource stack creation using Amplify CLI", | |
| "Parameters": { | |
| "CloudWatchRule": { | |
| "Type": "String", | |
| "Default": "NONE", | |
| "Description": " Schedule Expression" | |
| }, | |
| "env": { | |
| "Type": "String" | |
| }, | |
| "authdpportalb4b5d85fUserPoolId": { | |
| "Type": "String", | |
| "Default": "authdpportalb4b5d85fUserPoolId" | |
| } | |
| }, | |
| "Conditions": { | |
| "ShouldNotCreateEnvResources": { | |
| "Fn::Equals": [ | |
| { | |
| "Ref": "env" | |
| }, | |
| "NONE" | |
| ] | |
| } | |
| }, | |
| "Resources": { | |
| "LambdaFunction": { | |
| "Type": "AWS::Lambda::Function", | |
| "Metadata": { | |
| "aws:asset:path": "./src", | |
| "aws:asset:property": "Code" | |
| }, | |
| "Properties": { | |
| "Handler": "index.handler", | |
| "FunctionName": { | |
| "Fn::If": [ | |
| "ShouldNotCreateEnvResources", | |
| "postUserSignUp", | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "postUserSignUp", | |
| "-", | |
| { | |
| "Ref": "env" | |
| } | |
| ] | |
| ] | |
| } | |
| ] | |
| }, | |
| "VpcConfig": { | |
| "SecurityGroupIds": ["sg-0a27f813858a654c4"], | |
| "SubnetIds": [ | |
| "subnet-0d43113e71a256616", | |
| "subnet-030b7ec259264ab4e", | |
| "subnet-0510905eab3add2b3" | |
| ] | |
| }, | |
| "Environment": { | |
| "Variables": { | |
| "ENV": { | |
| "Ref": "env" | |
| }, | |
| "REGION": { | |
| "Ref": "AWS::Region" | |
| }, | |
| "AUTH_DPPORTALB4B5D85F_USERPOOLID": { | |
| "Ref": "authdpportalb4b5d85fUserPoolId" | |
| }, | |
| "SECRET_NAME": "rds-db-credentials/cluster-KT72YRCZ7NERNPGM7JKAXA32XM/postsignuplambda" | |
| } | |
| }, | |
| "Role": { | |
| "Fn::GetAtt": ["LambdaExecutionRole", "Arn"] | |
| }, | |
| "Runtime": "nodejs12.x", | |
| "Timeout": "25", | |
| "Code": { | |
| "S3Bucket": "amplify-dpportal-dev-102359-deployment", | |
| "S3Key": "amplify-builds/postUserSignUp-324d68636d4831792b66-build.zip" | |
| } | |
| } | |
| }, | |
| "LambdaExecutionRole": { | |
| "Type": "AWS::IAM::Role", | |
| "Properties": { | |
| "RoleName": { | |
| "Fn::If": [ | |
| "ShouldNotCreateEnvResources", | |
| "dpportalLambdaRole95023132", | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "dpportalLambdaRole95023132", | |
| "-", | |
| { | |
| "Ref": "env" | |
| } | |
| ] | |
| ] | |
| } | |
| ] | |
| }, | |
| "AssumeRolePolicyDocument": { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Principal": { | |
| "Service": ["lambda.amazonaws.com"] | |
| }, | |
| "Action": ["sts:AssumeRole"] | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| "lambdaexecutionpolicy": { | |
| "DependsOn": ["LambdaExecutionRole"], | |
| "Type": "AWS::IAM::Policy", | |
| "Properties": { | |
| "PolicyName": "lambda-execution-policy", | |
| "Roles": [ | |
| { | |
| "Ref": "LambdaExecutionRole" | |
| } | |
| ], | |
| "PolicyDocument": { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": ["logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents"], | |
| "Resource": { | |
| "Fn::Sub": [ | |
| "arn:aws:logs:${region}:${account}:log-group:/aws/lambda/${lambda}:log-stream:*", | |
| { | |
| "region": { | |
| "Ref": "AWS::Region" | |
| }, | |
| "account": { | |
| "Ref": "AWS::AccountId" | |
| }, | |
| "lambda": { | |
| "Ref": "LambdaFunction" | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": ["ec2:CreateNetworkInterface", "ec2:DescribeNetworkInterfaces"], | |
| "Resource": "*" | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| "AmplifyResourcesPolicy": { | |
| "DependsOn": ["LambdaExecutionRole"], | |
| "Type": "AWS::IAM::Policy", | |
| "Properties": { | |
| "PolicyName": "amplify-lambda-execution-policy", | |
| "Roles": [ | |
| { | |
| "Ref": "LambdaExecutionRole" | |
| } | |
| ], | |
| "PolicyDocument": { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "cognito-identity:Describe*", | |
| "cognito-identity:Get*", | |
| "cognito-identity:List*", | |
| "cognito-idp:Describe*", | |
| "cognito-idp:AdminGetDevice", | |
| "cognito-idp:AdminGetUser", | |
| "cognito-idp:AdminList*", | |
| "cognito-idp:List*", | |
| "cognito-sync:Describe*", | |
| "cognito-sync:Get*", | |
| "cognito-sync:List*", | |
| "iam:ListOpenIdConnectProviders", | |
| "iam:ListRoles", | |
| "sns:ListPlatformApplications" | |
| ], | |
| "Resource": [ | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:aws:cognito-idp:", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| ":", | |
| { | |
| "Ref": "AWS::AccountId" | |
| }, | |
| ":userpool/", | |
| { | |
| "Ref": "authdpportalb4b5d85fUserPoolId" | |
| } | |
| ] | |
| ] | |
| } | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "ec2:CreateNetworkInterface", | |
| "ec2:DescribeNetworkInterfaces", | |
| "ec2:DeleteNetworkInterface" | |
| ], | |
| "Resource": "*" | |
| } | |
| ] | |
| } | |
| } | |
| } | |
| }, | |
| "Outputs": { | |
| "Name": { | |
| "Value": { | |
| "Ref": "LambdaFunction" | |
| } | |
| }, | |
| "Arn": { | |
| "Value": { | |
| "Fn::GetAtt": ["LambdaFunction", "Arn"] | |
| } | |
| }, | |
| "Region": { | |
| "Value": { | |
| "Ref": "AWS::Region" | |
| } | |
| }, | |
| "LambdaExecutionRole": { | |
| "Value": { | |
| "Ref": "LambdaExecutionRole" | |
| } | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment