# Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: MIT-0
---
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Chime private bot demo process bot logic
Resources:
  PrivateBotApiGatewayApi:
    Type: AWS::Serverless::Api
    Properties:
      DefinitionUri: ./simple-proxy-api.yaml
      StageName: Demo
      Variables:
        PrivateBotLambdaFuncionName: !Ref AMAZON_CHIME_PRIVATE_BOT_LAMBDA_FUNCTION_NAME

  PrivateBotLambdaExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          Effect: Allow
          Principal:
            Service: lambda.amazonaws.com
          Action: sts:AssumeRole
      Path: "/"
      Policies:
      - PolicyName: root
        PolicyDocument:
          Version: '2012-10-17'
          Statement:
          - Effect: Allow
            Action:
            - logs:CreateLogGroup
            - logs:CreateLogStream
            - logs:PutLogEvents
            Resource: arn:aws:logs:*:*:*

  PrivateBotLambdaApiGatewayExecutionPermission:
    Type: AWS::Lambda::Permission
    Properties:
      Action: lambda:InvokeFunction
      FunctionName: !GetAtt AMAZON_CHIME_PRIVATE_BOT_LAMBDA_FUNCTION_NAME.Arn
      Principal: apigateway.amazonaws.com
      SourceArn: !Join
        - ''
        - - 'arn:aws:execute-api:'
          - !Ref AWS::Region
          - ":"
          - !Ref AWS::AccountId
          - ":"
          - !Ref PrivateBotApiGatewayApi
          - "/*/*"

  AMAZON_CHIME_PRIVATE_BOT_LAMBDA_FUNCTION_NAME:
    Type: AWS::Serverless::Function
    Properties:
      FunctionName: AMAZON_CHIME_PRIVATE_BOT_LAMBDA_FUNCTION_NAME
      Description: Example lambda to handle private bot operation
      CodeUri: ./
      Handler: index.handler
      MemorySize: 256
      Role: !GetAtt PrivateBotLambdaExecutionRole.Arn
      Runtime: nodejs8.10
      Timeout: 30