AWSTemplateFormatVersion: '2010-09-09'
Transform: 'AWS::Serverless-2016-10-31'
Description: An AWS Lambda application that calls the EKS Kubernetes API.

Parameters:
  ClusterName:
    Description: Name of the EKS cluster to monitor
    Type: String

Resources:
  EksGetPodsFunction:
    Type: AWS::Serverless::Function
    Properties:
      FunctionName: lambda-eks-getpods-python
      Environment:
        Variables:
          CLUSTER_NAME: !Ref ClusterName
      Handler: lambda_function.lambda_handler
      Runtime: python3.9
      CodeUri: lambda_build/.
      Description: Call the AWS Lambda API
      Role: !GetAtt 'EksGetPodsFunctionRole.Arn'
      ReservedConcurrentExecutions: 5
      Timeout: 30
      MemorySize: 256


  EksGetPodsFunctionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - lambda.amazonaws.com
            Action:
              - sts:AssumeRole
      Path: /
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      Policies:
        - PolicyName: root
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                  - eks:DescribeCluster
                Resource: !Sub 'arn:aws:eks:${AWS::Region}:${AWS::AccountId}:cluster/${ClusterName}'


Outputs:
  Role:
    Description: IAM Role
    Value: !GetAtt 'EksGetPodsFunctionRole.Arn'