FilesExpand file tree

 master

/

lambda_file_processing.yml

Copy path

Blame

More file actions

Blame

More file actions

Latest commit

 

History

History

History

131 lines (124 loc) · 4.06 KB

 master

/

lambda_file_processing.yml

Top

File metadata and controls

• Code
• Blame

131 lines (124 loc) · 4.06 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

AWSTemplateFormatVersion: '2010-09-09'

Transform: 'AWS::Serverless-2016-10-31'

Description: CFN template to create architecture represented at https://aws.amazon.com/blogs/compute/fanout-s3-event-notifications-to-multiple-endpoints/.

Resources:

ProcessorFunctionOne:

Type: 'AWS::Serverless::Function'

Properties:

Handler: data-processor-1.handler

Runtime: nodejs8.10

CodeUri: ./src/data-processor-1/

Role: !GetAtt [LambdaExecutionRole, Arn]

ProcessorFunctionTwo:

Type: 'AWS::Serverless::Function'

Properties:

Handler: data-processor-2.handler

Runtime: nodejs8.10

CodeUri: ./src/data-processor-2/

Role: !GetAtt [LambdaExecutionRole, Arn]

InputBucket:

Type: AWS::S3::Bucket

Properties:

BucketName: !Join ['-', [!Ref 'AWS::StackName', !Ref 'AWS::AccountId', files]]

NotificationConfiguration:

TopicConfigurations:

- Event: s3:ObjectCreated:*

Topic: !Ref 'InputNotificationTopic'

DependsOn: NotificationPolicy

OutputBucket:

Type: AWS::S3::Bucket

Properties:

BucketName: !Join ['-', [!Ref 'InputBucket', out]]

InputNotificationTopic:

Type: AWS::SNS::Topic

Properties:

Subscription:

- Endpoint: !GetAtt [ProcessorFunctionOne, Arn]

Protocol: lambda

- Endpoint: !GetAtt [ProcessorFunctionTwo, Arn]

Protocol: lambda

NotificationPolicy:

Type: AWS::SNS::TopicPolicy

Properties:

PolicyDocument:

Id: PushBucketNotificationPolicy

Version: '2012-10-17'

Statement:

- Sid: AllowBucketToPushNotificationEffect

Effect: Allow

Principal:

Service: s3.amazonaws.com

Action: sns:Publish

Resource: !Ref 'InputNotificationTopic'

Condition:

ArnLike:

aws:SourceArn: !Join ['', ['arn:aws:s3:*:*:', !Join ['-', [!Ref 'AWS::StackName',

!Ref 'AWS::AccountId', files]]]]

Topics:

- !Ref 'InputNotificationTopic'

LambdaExecutionRole:

Type: AWS::IAM::Role

Properties:

AssumeRolePolicyDocument:

Version: '2012-10-17'

Statement:

- Effect: Allow

Principal:

Service:

- lambda.amazonaws.com

Action:

- sts:AssumeRole

Path: /

RolePolicy:

Type: AWS::IAM::Policy

Properties:

PolicyName: root

PolicyDocument:

Version: '2012-10-17'

Statement:

- Effect: Allow

Action:

- logs:CreateLogGroup

- logs:CreateLogStream

- logs:PutLogEvents

Resource: arn:aws:logs:*:*:*

- Effect: Allow

Action:

- s3:GetObject

Resource: !Join ['', ['arn:aws:s3:::', !Ref 'InputBucket', /*]]

- Effect: Allow

Action:

- s3:PutObject

Resource: !Join ['', ['arn:aws:s3:::', !Ref 'OutputBucket', /*]]

Roles:

- !Ref 'LambdaExecutionRole'

LambdaInvokePermissionOne:

Type: AWS::Lambda::Permission

Properties:

FunctionName: !GetAtt [ProcessorFunctionOne, Arn]

Action: lambda:InvokeFunction

Principal: sns.amazonaws.com

SourceArn: !Ref 'InputNotificationTopic'

LambdaInvokePermissionTwo:

Type: AWS::Lambda::Permission

Properties:

FunctionName: !GetAtt [ProcessorFunctionTwo, Arn]

Action: lambda:InvokeFunction

Principal: sns.amazonaws.com

SourceArn: !Ref 'InputNotificationTopic'

Outputs:

Bucket:

Description: Storage location for data which is to be processed by Lambda functions

Value: !Ref 'InputBucket'

BucketOut:

Description: Storage location for data which is to be processed by Lambda functions

Value: !Ref 'OutputBucket'

Topic:

Description: SNS topic to fanout S3 Event notifications to Lambda functions

Value: !Ref 'InputNotificationTopic'

ProcessorFnOne:

Description: Lambda function receiving SNS messages of S3 events

Value: !Ref 'ProcessorFunctionOne'

ProcessorFnTwo:

Description: Lambda function receiving SNS messages of S3 events

Value: !Ref 'ProcessorFunctionTwo'