-
Notifications
You must be signed in to change notification settings - Fork 90
/
Copy pathtemplate.yml
147 lines (139 loc) · 4.23 KB
/
template.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
sqs batch processing demo
Globals:
Function:
Timeout: 20
Runtime: java11
MemorySize: 512
Tracing: Active
Environment:
Variables:
POWERTOOLS_LOG_LEVEL: INFO
POWERTOOLS_LOGGER_SAMPLE_RATE: 1.0
POWERTOOLS_LOGGER_LOG_EVENT: true
Resources:
CustomerKey:
Type: AWS::KMS::Key
Properties:
Description: KMS key for encrypted queues
Enabled: true
KeyPolicy:
Version: '2012-10-17'
Statement:
- Sid: Enable IAM User Permissions
Effect: Allow
Principal:
AWS: !Sub 'arn:aws:iam::${AWS::AccountId}:root'
Action: 'kms:*'
Resource: '*'
- Sid: Allow use of the key
Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action:
- kms:Decrypt
- kms:GenerateDataKey
Resource: '*'
CustomerKeyAlias:
Type: AWS::KMS::Alias
Properties:
AliasName: alias/powertools-batch-sqs-demo
TargetKeyId: !Ref CustomerKey
DemoDlqSqsQueue:
Type: AWS::SQS::Queue
Properties:
KmsMasterKeyId: !Ref CustomerKey
DemoSqsQueue:
Type: AWS::SQS::Queue
Properties:
RedrivePolicy:
deadLetterTargetArn:
Fn::GetAtt:
- "DemoDlqSqsQueue"
- "Arn"
maxReceiveCount: 2
KmsMasterKeyId: !Ref CustomerKey
DemoSQSSenderFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: ../..
Handler: org.demo.batch.sqs.SqsBatchSender::handleRequest
Environment:
Variables:
POWERTOOLS_SERVICE_NAME: sqs-batch-demo
QUEUE_URL: !Ref DemoSqsQueue
Policies:
- Statement:
- Sid: SQSSendMessageBatch
Effect: Allow
Action:
- sqs:SendMessageBatch
- sqs:SendMessage
Resource: !GetAtt DemoSqsQueue.Arn
- Sid: SQSKMSKey
Effect: Allow
Action:
- kms:GenerateDataKey
- kms:Decrypt
Resource: !GetAtt CustomerKey.Arn
Events:
CWSchedule:
Type: Schedule
Properties:
Schedule: 'rate(5 minutes)'
Name: !Join [ "-", [ "message-producer-schedule", !Select [ 0, !Split [ -, !Select [ 2, !Split [ /, !Ref AWS::StackId ] ] ] ] ] ]
Description: Produce message to SQS via a Lambda function
Enabled: true
DemoSQSConsumerFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: ../..
Handler: org.demo.batch.sqs.SqsBatchHandler::handleRequest
Environment:
Variables:
POWERTOOLS_SERVICE_NAME: sqs-demo
Policies:
- Statement:
- Sid: SQSDeleteGetAttribute
Effect: Allow
Action:
- sqs:DeleteMessageBatch
- sqs:GetQueueAttributes
Resource: !GetAtt DemoSqsQueue.Arn
- Sid: SQSSendMessageBatch
Effect: Allow
Action:
- sqs:SendMessageBatch
- sqs:SendMessage
Resource: !GetAtt DemoDlqSqsQueue.Arn
- Sid: SQSKMSKey
Effect: Allow
Action:
- kms:GenerateDataKey
- kms:Decrypt
Resource: !GetAtt CustomerKey.Arn
Events:
MySQSEvent:
Type: SQS
Properties:
Queue: !GetAtt DemoSqsQueue.Arn
BatchSize: 2
MaximumBatchingWindowInSeconds: 300
Outputs:
DemoSqsQueue:
Description: "ARN for main SQS queue"
Value: !GetAtt DemoSqsQueue.Arn
DemoDlqSqsQueue:
Description: "ARN for DLQ"
Value: !GetAtt DemoDlqSqsQueue.Arn
DemoSQSSenderFunction:
Description: "SQS Batch Sender - Lambda Function ARN"
Value: !GetAtt DemoSQSSenderFunction.Arn
DemoSQSConsumerFunction:
Description: "SQS Batch Handler - Lambda Function ARN"
Value: !GetAtt DemoSQSConsumerFunction.Arn
DemoSQSConsumerFunctionRole:
Description: "Implicit IAM Role created for SQS Lambda Function ARN"
Value: !GetAtt DemoSQSConsumerFunctionRole.Arn