Simple Chat App: Attempt to add APIGatewayV2 logging
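---
# Logging prerequisites for the WebSocket demo: a CloudWatch Logs group for
# API Gateway access logs and an IAM role that the API Gateway service
# principal is allowed to assume.
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Regional API Gateway Logging Role Setup

Resources:
  # The WebSocket template's Stage addresses this group by its literal name
  # in AccessLogSettings.DestinationArn, so the two must stay in sync.
  APIGatewayLogGroup:
    Type: AWS::Logs::LogGroup
    Properties:
      LogGroupName: 'apigw-log-group'
      # Access logs are the record of who connected and when. Seven days is
      # short for incident investigation - confirm it meets the retention
      # the deployment needs.
      RetentionInDays: 7

  # NOTE(review): nothing in this template references LogsRole. API Gateway
  # takes its CloudWatch role from the per-region account setting
  # (AWS::ApiGateway::Account, property CloudWatchRoleArn); creating the
  # role without setting it there is unlikely to enable logging on its own.
  LogsRole:
    Type: AWS::IAM::Role
    Properties:
      Path: /
      AssumeRolePolicyDocument:
        # Pin the policy language version instead of relying on the older
        # default that IAM applies when Version is omitted.
        Version: '2012-10-17'
        Statement:
          # Only the API Gateway service may assume this role.
          - Effect: Allow
            Principal:
              Service:
                - apigateway.amazonaws.com
            Action:
              - sts:AssumeRole
      ManagedPolicyArns:
        # AWS-managed policy: lets the role holder write to CloudWatch Logs.
        - 'arn:aws:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs'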
---
# SAM template for the WebSocket demo: header, the single stack parameter,
# and the settings shared by every AWS::Serverless::Function below.
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
  API Gateway V2 WebSocket Demo
  Deploy a websockets API Gateway, DynamoDB, and Lambdas to send broadcast
  messages via CLI to all connected clients

Parameters:
  # Name of the DynamoDB table holding one item per open connection.
  TableName:
    Type: String
    Default: 'active_websockets'
    Description: '(Required) The name of the new DynamoDB to store connection identifiers for each connected clients. Minimum 3 characters'
    MinLength: 3
    MaxLength: 50
    # Letters and underscore only. This also bounds the value that is
    # handed to the functions as TABLE_NAME and used in their IAM policies.
    AllowedPattern: '^[A-Za-z_]+$'
    ConstraintDescription: 'Required. Can be characters and underscore only. No numbers or special characters allowed.'

Globals:
  Function:
    # NOTE(review): nodejs10.x is no longer a supported Lambda runtime and
    # receives no security patches; move to a current Node.js runtime once
    # the handler code has been checked against it.
    Runtime: nodejs10.x
    MemorySize: 256
    Environment:
      Variables:
        # Handlers read the table name from the environment.
        TABLE_NAME: !Ref TableName
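Resources:
  # WebSocket API. Each incoming frame is routed on the "message" field of
  # its JSON body.
  SockeyeWebSocket:
    Type: AWS::ApiGatewayV2::Api
    Properties:
      Name: SockeyeWebSocket
      ProtocolType: WEBSOCKET
      RouteSelectionExpression: '$request.body.message'

  # ---- $connect ----------------------------------------------------------
  ConnectRoute:
    Type: AWS::ApiGatewayV2::Route
    Properties:
      ApiId: !Ref SockeyeWebSocket
      RouteKey: '$connect'
      # NOTE(review): $connect is the only route on which a WebSocket API
      # authenticates the client. With NONE, anyone who learns the wss://
      # URL can open a connection and use the sendmessage route. Attach an
      # authorizer (AWS_IAM or CUSTOM) before this leaves proof-of-concept.
      AuthorizationType: NONE
      OperationName: ConnectRoute
      Target: !Sub 'integrations/${ConnectInteg}'

  ConnectInteg:
    Type: AWS::ApiGatewayV2::Integration
    Properties:
      ApiId: !Ref SockeyeWebSocket
      Description: Connect Integration
      IntegrationType: AWS_PROXY
      IntegrationUri: !Sub 'arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${OnConnectFunction.Arn}/invocations'

  # ---- $disconnect -------------------------------------------------------
  DisconnectRoute:
    Type: AWS::ApiGatewayV2::Route
    Properties:
      ApiId: !Ref SockeyeWebSocket
      RouteKey: '$disconnect'
      AuthorizationType: NONE
      OperationName: DisconnectRoute
      Target: !Sub 'integrations/${DisconnectInteg}'

  DisconnectInteg:
    Type: AWS::ApiGatewayV2::Integration
    Properties:
      ApiId: !Ref SockeyeWebSocket
      Description: Disconnect Integration
      IntegrationType: AWS_PROXY
      IntegrationUri: !Sub 'arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${OnDisconnectFunction.Arn}/invocations'

  # ---- sendmessage -------------------------------------------------------
  SendRoute:
    Type: AWS::ApiGatewayV2::Route
    Properties:
      ApiId: !Ref SockeyeWebSocket
      RouteKey: sendmessage
      # Reachable by every connected client; access control for this route
      # rests entirely on what $connect admits.
      AuthorizationType: NONE
      OperationName: SendRoute
      Target: !Sub 'integrations/${SendInteg}'

  SendInteg:
    Type: AWS::ApiGatewayV2::Integration
    Properties:
      ApiId: !Ref SockeyeWebSocket
      Description: Send Integration
      IntegrationType: AWS_PROXY
      IntegrationUri: !Sub 'arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${SendMessageFunction.Arn}/invocations'

  # ---- deployment and stage ----------------------------------------------
  # Routes are listed explicitly so the deployment snapshot is taken only
  # after all three exist.
  Deployment:
    Type: AWS::ApiGatewayV2::Deployment
    DependsOn:
      - ConnectRoute
      - SendRoute
      - DisconnectRoute
    Properties:
      ApiId: !Ref SockeyeWebSocket

  Stage:
    Type: AWS::ApiGatewayV2::Stage
    Properties:
      StageName: POC
      Description: Proof of Concept Stage
      DeploymentId: !Ref Deployment
      ApiId: !Ref SockeyeWebSocket
      AccessLogSettings:
        # Built from pseudo parameters instead of a hard-coded region and an
        # account-number placeholder, so the ARN always names the log group
        # in the account and region the stack is deployed to. The group
        # 'apigw-log-group' is not created here and must already exist.
        DestinationArn: !Sub 'arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:apigw-log-group'
        # One JSON object per request; folded into a single line.
        Format: >-
          {"requestId":"$context.requestId",
          "ip": "$context.identity.sourceIp",
          "caller":"$context.identity.caller",
          "user":"$context.identity.user",
          "requestTime":"$context.requestTime",
          "eventType":"$context.eventType",
          "routeKey":"$context.routeKey",
          "status":"$context.status",
          "connectionId":"$context.connectionId"}

  # ---- connection registry -----------------------------------------------
  ConnectionsTable:
    Type: AWS::DynamoDB::Table
    Properties:
      AttributeDefinitions:
        - AttributeName: 'connectionId'
          AttributeType: 'S'
      KeySchema:
        - AttributeName: 'connectionId'
          KeyType: 'HASH'
      ProvisionedThroughput:
        ReadCapacityUnits: 5
        WriteCapacityUnits: 5
      SSESpecification:
        # Encryption at rest; canonical lowercase boolean.
        SSEEnabled: true
      TableName: !Ref TableName

  # ---- Lambda handlers and their invoke permissions ------------------------
  # NOTE(review): all three functions receive DynamoDBCrudPolicy on the
  # table. The handler code is not shown here; if onconnect only writes and
  # ondisconnect only deletes, narrower policies would follow least
  # privilege - verify against lib/index.
  OnConnectFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: lib/index.onconnect
      Policies:
        - DynamoDBCrudPolicy:
            TableName: !Ref TableName

  OnConnectPermission:
    Type: AWS::Lambda::Permission
    DependsOn:
      - SockeyeWebSocket
      - OnConnectFunction
    Properties:
      Action: lambda:InvokeFunction
      FunctionName: !Ref OnConnectFunction
      Principal: apigateway.amazonaws.com
      # Scope the grant to this API. Without SourceArn the service principal
      # may invoke the function on behalf of any API Gateway API.
      SourceArn: !Sub 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${SockeyeWebSocket}/*'

  OnDisconnectFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: lib/index.ondisconnect
      Policies:
        - DynamoDBCrudPolicy:
            TableName: !Ref TableName

  OnDisconnectPermission:
    Type: AWS::Lambda::Permission
    DependsOn:
      - SockeyeWebSocket
      - OnDisconnectFunction
    Properties:
      Action: lambda:InvokeFunction
      FunctionName: !Ref OnDisconnectFunction
      Principal: apigateway.amazonaws.com
      # Scope the grant to this API (see OnConnectPermission).
      SourceArn: !Sub 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${SockeyeWebSocket}/*'

  SendMessageFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: lib/index.sendmessage
      Policies:
        - DynamoDBCrudPolicy:
            TableName: !Ref TableName
        # Lets the function post to (and manage) connections of this API
        # only; the trailing /* covers every stage and connection of it.
        - Statement:
            - Effect: Allow
              Action:
                - 'execute-api:ManageConnections'
              Resource:
                - !Sub 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${SockeyeWebSocket}/*'

  SendMessagePermission:
    Type: AWS::Lambda::Permission
    DependsOn:
      - SockeyeWebSocket
      - SendMessageFunction
    Properties:
      Action: lambda:InvokeFunction
      FunctionName: !Ref SendMessageFunction
      Principal: apigateway.amazonaws.com
      # Scope the grant to this API (see OnConnectPermission).
      SourceArn: !Sub 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${SockeyeWebSocket}/*'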
Outputs:
  # ARNs of the table and the three handlers, for use by other tooling.
  ConnectionsTableArn:
    Description: 'Connections table ARN'
    Value: !GetAtt ConnectionsTable.Arn

  OnConnectFunctionArn:
    Description: 'OnConnect function ARN'
    Value: !GetAtt OnConnectFunction.Arn

  OnDisconnectFunctionArn:
    Description: 'OnDisconnect function ARN'
    Value: !GetAtt OnDisconnectFunction.Arn

  SendMessageFunctionArn:
    Description: 'SendMessage function ARN'
    Value: !GetAtt SendMessageFunction.Arn

  # Client endpoint: wss://<api-id>.execute-api.<region>.amazonaws.com/<stage>.
  # The routes in this template use AuthorizationType NONE, so treat this
  # URL as the only thing standing between the API and any client.
  WebSocketURI:
    Description: 'The WSS Protocol URI to connect to'
    Value: !Sub 'wss://${SockeyeWebSocket}.execute-api.${AWS::Region}.amazonaws.com/${Stage}'