AWSTemplateFormatVersion: '2010-09-09' Description: Membership/Subscription promotions tool lambda functions Parameters: CODEPromotionsTableStreamARN: Description: ARN of the MembershipSub-Promotions-CODE DynamoDB stream to trigger the lambda function which updates the MembershipSub-PromoCode-View-CODE table Type: String Default: '' PRODPromotionsTableStreamARN: Description: ARN of the MembershipSub-Promotions-PROD DynamoDB stream to trigger the lambda function which updates the MembershipSub-PromoCode-View-PROD table Type: String Default: '' Resources: MembershipSubPromoCodeViewLambdaRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Effect: Allow Principal: Service: - lambda.amazonaws.com Action: - sts:AssumeRole Path: / Policies: - PolicyName: MembershipSub-Promo-Code-View-Lambda-Policy PolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Action: - logs:CreateLogGroup - logs:CreateLogStream - logs:PutLogEvents Resource: - arn:aws:logs:*:*:log-group:/aws/lambda/MembershipSub-Promotions-to-PromoCode-View-* - Effect: Allow Action: - dynamodb:GetRecords - dynamodb:GetShardIterator - dynamodb:DescribeStream - dynamodb:ListStreams - dynamodb:Scan Resource: - arn:aws:dynamodb:*:*:table/MembershipSub-Promotions-* - arn:aws:dynamodb:*:*:table/MembershipSub-Campaigns-* - Effect: Allow Action: - dynamodb:BatchWriteItem - dynamodb:PutItem Resource: - arn:aws:dynamodb:*:*:table/MembershipSub-PromoCode-View-PROD - arn:aws:dynamodb:*:*:table/MembershipSub-PromoCode-View-CODE MembershipSubPromoCodeViewETLRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Effect: Allow Principal: Service: - lambda.amazonaws.com Action: - sts:AssumeRole Path: / Policies: - PolicyName: MembershipSub-Promotions-Data-Policy PolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Action: - logs:CreateLogGroup - logs:CreateLogStream - logs:PutLogEvents Resource: - arn:aws:logs:*:*:log-group:/aws/lambda/MembershipSub-PromoCode-View-Dynamo-to-Salesforce-* - Effect: Allow Action: - dynamodb:GetRecords - dynamodb:Scan Resource: - arn:aws:dynamodb:*:*:table/MembershipSub-PromoCode-View-PROD - arn:aws:dynamodb:*:*:table/MembershipSub-PromoCode-View-CODE - Effect: Allow Action: - s3:PutObject - s3:PutObjectAcl Resource: - arn:aws:s3:::ophan-raw-membership-promo-code-view/* - Effect: Allow Action: - secretsmanager:GetSecretValue Resource: - arn:aws:secretsmanager:eu-west-1:865473395570:secret:CODE/Salesforce/User/PromoCodeLambda* - arn:aws:secretsmanager:eu-west-1:865473395570:secret:PROD/Salesforce/User/PromoCodeLambda* PromoCodeViewLambdaFunctionCODE: Type: AWS::Lambda::Function Properties: Code: S3Bucket: gu-promotions-tool-dist S3Key: membership/PROD/MembershipSub-Promotions-PromoCode-View/MembershipSub-Promotions-PromoCode-View.zip Description: An Amazon DynamoDB trigger that creates a view of data associated with a particular promo code for the data pipeline to collect. FunctionName: MembershipSub-Promotions-to-PromoCode-View-CODE Handler: MembershipSub-Promotions-to-PromoCode-View-Lambda.handler MemorySize: 128 Role: !GetAtt [MembershipSubPromoCodeViewLambdaRole, Arn] Runtime: nodejs18.x Timeout: 60 PromoCodeViewLambdaFunctionPROD: Type: AWS::Lambda::Function Properties: Code: S3Bucket: gu-promotions-tool-dist S3Key: membership/PROD/MembershipSub-Promotions-PromoCode-View/MembershipSub-Promotions-PromoCode-View.zip Description: An Amazon DynamoDB trigger that creates a view of data associated with a particular promo code for the data pipeline to collect. FunctionName: MembershipSub-Promotions-to-PromoCode-View-PROD Handler: MembershipSub-Promotions-to-PromoCode-View-Lambda.handler MemorySize: 128 Role: !GetAtt [MembershipSubPromoCodeViewLambdaRole, Arn] Runtime: nodejs18.x Timeout: 60 PromoCodeViewLambdaEventSourceCODE: Type: AWS::Lambda::EventSourceMapping Properties: BatchSize: 1 Enabled: true EventSourceArn: !Ref 'CODEPromotionsTableStreamARN' FunctionName: !Ref 'PromoCodeViewLambdaFunctionCODE' StartingPosition: TRIM_HORIZON PromoCodeViewLambdaEventSourcePROD: Type: AWS::Lambda::EventSourceMapping Properties: BatchSize: 1 Enabled: true EventSourceArn: !Ref 'PRODPromotionsTableStreamARN' FunctionName: !Ref 'PromoCodeViewLambdaFunctionPROD' StartingPosition: TRIM_HORIZON PromoCodeViewSalesforceLambdaFunctionCODE: Type: AWS::Lambda::Function Properties: Code: S3Bucket: gu-promotions-tool-dist S3Key: membership/PROD/MembershipSub-Promotions-PromoCode-View/MembershipSub-Promotions-PromoCode-View.zip Description: A Lambda function to replicate the MembershipSub-PromoCode-View-CODE Dynamo table to Salesforce FunctionName: MembershipSub-PromoCode-View-Dynamo-to-Salesforce-CODE Handler: MembershipSub-PromoCode-View-Dynamo-to-Salesforce.handler MemorySize: 128 Role: !GetAtt [MembershipSubPromoCodeViewETLRole, Arn] Runtime: nodejs18.x Timeout: 60 PromoCodeViewSalesforceLambdaFunctionPROD: Type: AWS::Lambda::Function Properties: Code: S3Bucket: gu-promotions-tool-dist S3Key: membership/PROD/MembershipSub-Promotions-PromoCode-View/MembershipSub-Promotions-PromoCode-View.zip Description: A Lambda function to replicate the MembershipSub-PromoCode-View-PROD Dynamo table to Salesforce FunctionName: MembershipSub-PromoCode-View-Dynamo-to-Salesforce-PROD Handler: MembershipSub-PromoCode-View-Dynamo-to-Salesforce.handler MemorySize: 128 Role: !GetAtt [MembershipSubPromoCodeViewETLRole, Arn] Runtime: nodejs18.x Timeout: 60 ETLSchedule: Type: AWS::Events::Rule Properties: ScheduleExpression: cron(0 8 * * ? *) State: ENABLED Targets: - Id: ETLPromoCodeViewSalesforceLambdaFunctionPRODSchedule Arn: !GetAtt [PromoCodeViewSalesforceLambdaFunctionPROD, Arn] ETLInvokeLambdaPermissionSF: Type: AWS::Lambda::Permission Properties: FunctionName: !GetAtt [PromoCodeViewSalesforceLambdaFunctionPROD, Arn] Action: lambda:InvokeFunction Principal: events.amazonaws.com SourceArn: !GetAtt [ETLSchedule, Arn]