-
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdeployment.yaml
244 lines (217 loc) · 6.53 KB
/
deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
AWSTemplateFormatVersion: '2010-09-09'
Description: Arduino S3 data exporter. For deployment and architectural details, see https://github.com/arduino/aws-s3-integration
Parameters:
LambdaCodeS3Bucket:
Type: String
Description: S3 bucket where the Lambda function ZIP file is stored.
LambdaCodeS3Key:
Type: String
Default: 'arduino-s3-integration-lambda.zip'
Description: S3 key for the Lambda function ZIP file.
IotApiKey:
Type: String
Description: Arduino API Key.
IotApiSecret:
Type: String
Description: Arduino API Secret.
NoEcho: true
IotOrgId:
Type: String
Default: '<empty>'
Description: Arduino Organization ID (optional).
ExecutionScheduling:
Type: String
Description: "Choose the execution scheduling for the data export"
AllowedValues:
- 5 minutes
- 15 minutes
- 1 hour
- 1 day
Default: 1 hour
Resolution:
Type: String
Description: "Samples resolution data extraction resolution. 'raw' and '1 minute' are not supported for '1 day' scheduling"
AllowedValues:
- raw
- 1 minute
- 5 minutes
- 15 minutes
- 1 hour
Default: 5 minutes
ResolutionAggregationStatistic:
Type: String
Description: "Aggregation statistic for data extraction. It is not applicable for 'raw' resolution."
AllowedValues:
- AVG
- MIN
- MAX
- PCT_90
- PCT_90
Default: AVG
TagFilter:
Type: String
Default: '<empty>'
Description: Filter things to import by tag (optional). Format> tag1=value1,tag2=value2
DestinationS3Bucket:
Type: String
Description: S3 bucket where CSV files will be stored.
Resources:
# IAM Role for Lambda
ArduinoS3LambdaExecutionRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action: sts:AssumeRole
Policies:
- PolicyName: ArduinoS3LambdaExecutionPolicy
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- logs:CreateLogGroup
- logs:CreateLogStream
- logs:PutLogEvents
Resource: arn:aws:logs:*:*:*
- Effect: Allow
Action:
- ssm:GetParameter
- ssm:GetParameters
- ssm:GetParametersByPath
Resource: arn:aws:ssm:*:*:parameter/arduino/s3-*
- Effect: Allow
Action:
- s3:PutObject
- s3:PutObjectAcl
- s3:ListBucket
Resource:
- !Sub arn:aws:s3:::${DestinationS3Bucket}
- !Sub arn:aws:s3:::${DestinationS3Bucket}/*
# Lambda Function
LambdaFunction:
Type: AWS::Lambda::Function
Properties:
FunctionName: !Sub arduino-s3-csv-data-exporter-${AWS::StackName}
Handler: bootstrap
Role: !GetAtt ArduinoS3LambdaExecutionRole.Arn
Code:
S3Bucket:
Ref: LambdaCodeS3Bucket
S3Key:
Ref: LambdaCodeS3Key
Runtime: provided.al2
Timeout: 900
MemorySize: 256
Environment:
Variables:
STACK_NAME: !Sub ${AWS::StackName}
# Parameters in Parameter Store
ApiKeyParameter:
Type: AWS::SSM::Parameter
Properties:
Name: !Sub /arduino/s3-exporter/${AWS::StackName}/iot/api-key
Type: String
Value:
Ref: IotApiKey
Tier: Standard
ApiSecretParameter:
Type: AWS::SSM::Parameter
Properties:
Name: !Sub /arduino/s3-exporter/${AWS::StackName}/iot/api-secret
Type: String
Value:
Ref: IotApiSecret
Tier: Standard
OrgIdParameter:
Type: AWS::SSM::Parameter
Properties:
Name: !Sub /arduino/s3-exporter/${AWS::StackName}/iot/org-id
Type: String
Value:
Ref: IotOrgId
Tier: Standard
FilterTagsParameter:
Type: AWS::SSM::Parameter
Properties:
Name: !Sub /arduino/s3-exporter/${AWS::StackName}/iot/filter/tags
Type: String
Value:
Ref: TagFilter
Tier: Standard
ResolutionParameter:
Type: AWS::SSM::Parameter
Properties:
Name: !Sub /arduino/s3-exporter/${AWS::StackName}/iot/samples-resolution
Type: String
Value:
Ref: Resolution
Tier: Standard
DestinationS3BucketParameter:
Type: AWS::SSM::Parameter
Properties:
Name: !Sub /arduino/s3-exporter/${AWS::StackName}/destination-bucket
Type: String
Value:
Ref: DestinationS3Bucket
Tier: Standard
ExecutionSchedulingParameter:
Type: AWS::SSM::Parameter
Properties:
Name: !Sub /arduino/s3-exporter/${AWS::StackName}/iot/scheduling
Type: String
Value:
Ref: ExecutionScheduling
Tier: Standard
AggregationStatisticParameter:
Type: AWS::SSM::Parameter
Properties:
Name: !Sub /arduino/s3-exporter/${AWS::StackName}/iot/aggregation-statistic
Type: String
Value:
Ref: ResolutionAggregationStatistic
Tier: Standard
CompressionParameter:
Type: AWS::SSM::Parameter
Properties:
Name: !Sub /arduino/s3-exporter/${AWS::StackName}/enable_compression
Type: String
Value: "false"
Tier: Standard
AlignExtractionParameter:
Type: AWS::SSM::Parameter
Properties:
Name: !Sub /arduino/s3-exporter/${AWS::StackName}/iot/align_with_time_window
Type: String
Value: "false"
Tier: Standard
# EventBridge Rule to trigger Lambda every hour
EventBridgeRule:
Type: AWS::Events::Rule
Properties:
ScheduleExpression:
Fn::Sub: "rate(${ExecutionScheduling})"
Targets:
- Arn: !GetAtt LambdaFunction.Arn
Id: LambdaTarget
Input: '{}'
State: ENABLED
# Permission for EventBridge to invoke Lambda
LambdaPermissionForEventBridge:
Type: AWS::Lambda::Permission
Properties:
FunctionName: !Sub arduino-s3-csv-data-exporter-${AWS::StackName}
Action: lambda:InvokeFunction
Principal: events.amazonaws.com
SourceArn: !GetAtt EventBridgeRule.Arn
Outputs:
LambdaFunctionArn:
Description: ARN of the deployed Lambda function.
Value: !GetAtt LambdaFunction.Arn
ArduinoS3LambdaExecutionRoleArn:
Description: ARN of the IAM role associated with the Lambda function.
Value: !GetAtt ArduinoS3LambdaExecutionRole.Arn