{
"AWSTemplateFormatVersion": "2010-09-09",
"Parameters": {},
"Resources": {
"QuickSightAdminConsole": {
"Type": "AWS::IAM::Role",
"Properties": {
"RoleName": "QuickSightAdminConsole",
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Policies": [
{
"PolicyName": "QuickSight-AdminConsole",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"iam:*",
"quicksight:*",
"lambda:*",
"s3:*",
"sts:AssumeRole",
"cloudwatch:*",
"logs:*"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
}
]
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "137f8de2-0d45-4490-a6a7-04356c185c4a"
}
}
},
"adminconsole": {
"Type": "AWS::S3::Bucket",
"Properties": {
"AccessControl": "Private",
"PublicAccessBlockConfiguration": {
"BlockPublicAcls": true,
"BlockPublicPolicy": true,
"IgnorePublicAcls": true,
"RestrictPublicBuckets": true
},
"BucketName": {
"Fn::Join": [
"",
[
"admin-console",
{
"Ref": "AWS::AccountId"
}
]
]
}
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "494a8dba-26e5-4efa-93ea-d49a84c99390"
}
}
},
"adminconsoledataprepare": {
"Type": "AWS::Lambda::Function",
"Properties": {
"Description": "admin console dataprepare lambda function",
"Environment": {
"Variables": {
"aws_region": {
"Ref": "AWS::Region"
}
}
},
"Handler": "data_prepare.lambda_handler",
"Runtime": "python3.7",
"FunctionName": "data_prepare",
"MemorySize": 512,
"Timeout": 900,
"Role": {
"Fn::GetAtt": [
"QuickSightAdminConsole",
"Arn"
]
},
"Code": {
"S3Bucket": "admin-console-cfn-dataprepare-code",
"S3Key": "data_prepare.zip"
}
},
"DependsOn": [
"adminconsole"
],
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "c4462e36-ef27-43d6-a0df-01246a77b117"
}
}
},
"adminconsoledatasetinfo": {
"Type": "AWS::Lambda::Function",
"Properties": {
"Description": "admin console dataset information lambda function",
"Environment": {
"Variables": {
"aws_region": {
"Ref": "AWS::Region"
}
}
},
"Handler": "Dataset_info.lambda_handler",
"Runtime": "python3.7",
"FunctionName": "dataset_info",
"MemorySize": 512,
"Timeout": 900,
"Role": {
"Fn::GetAtt": [
"QuickSightAdminConsole",
"Arn"
]
},
"Code": {
"S3Bucket": "admin-console-cfn-dataprepare-code",
"S3Key": "Dataset_info.zip"
}
},
"DependsOn": [
"adminconsole"
],
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "f2b566cb-22e3-41b5-a520-ec2c86a63929"
}
}
},
"adminconsolehourlyschedule": {
"Type": "AWS::Events::Rule",
"Properties": {
"Description": "CloudWatch rule to run lambda every hour",
"Name": "admin-console-every-hour",
"ScheduleExpression": "cron(0 * * * ? *)",
"State": "ENABLED",
"Targets": [
{
"Arn": {
"Fn::GetAtt": [
"adminconsoledataprepare",
"Arn"
]
},
"Id": "Target0"
},
{
"Arn": {
"Fn::GetAtt": [
"adminconsoledatasetinfo",
"Arn"
]
},
"Id": "Target1"
}
]
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "2d875ca8-973f-4c0c-8455-1f15eb588bdb"
}
}
},
"adminconsolehourlyscheduledataprepare": {
"Type": "AWS::Lambda::Permission",
"Properties": {
"Action": "lambda:InvokeFunction",
"FunctionName": {
"Fn::GetAtt": [
"adminconsoledataprepare",
"Arn"
]
},
"Principal": "events.amazonaws.com",
"SourceArn": {
"Fn::GetAtt": [
"adminconsolehourlyschedule",
"Arn"
]
}
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "a59461e8-9fcb-415c-b8a0-0f21f2b4e38b"
}
}
},
"adminconsolehourlyscheduledatasetinfo": {
"Type": "AWS::Lambda::Permission",
"Properties": {
"Action": "lambda:InvokeFunction",
"FunctionName": {
"Fn::GetAtt": [
"adminconsoledatasetinfo",
"Arn"
]
},
"Principal": "events.amazonaws.com",
"SourceArn": {
"Fn::GetAtt": [
"adminconsolehourlyschedule",
"Arn"
]
}
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "50816f94-5ba8-4b3b-91da-84afa96bd9e7"
}
}
}
},
"Outputs": {
"groupmembership": {
"Description": "The s3 location of group_membership.csv for you to utilize in next Athena tables creation stack",
"Value": {
"Fn::Sub": "s3://admin-console${AWS::AccountId}/monitoring/quicksight/group_membership"
}
},
"objectaccess": {
"Description": "The s3 location of object_access.csv for you to utilize in next Athena tables creation stack",
"Value": {
"Fn::Sub": "s3://admin-console${AWS::AccountId}/monitoring/quicksight/object_access"
}
},
"cloudtraillogtablename": {
"Description": "The table name of cloudtrail log for you to utilize in next Athena tables creation stack",
"Value": "cloudtrail_logs"
},
"cloudtraillog": {
"Description": "The s3 location of cloudtrail log for you to utilize in next Athena tables creation stack",
"Value": {
"Fn::Sub": "s3://cloudtrail-awslogs-${AWS::AccountId}-do-not-delete/AWSLogs/${AWS::AccountId}/CloudTrail"
}
}
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"494a8dba-26e5-4efa-93ea-d49a84c99390": {
"size": {
"width": 60,
"height": 60
},
"position": {
"x": -130,
"y": 230
},
"z": 1,
"embeds": []
},
"137f8de2-0d45-4490-a6a7-04356c185c4a": {
"size": {
"width": 60,
"height": 60
},
"position": {
"x": 20,
"y": 240
},
"z": 1,
"embeds": []
},
"c4462e36-ef27-43d6-a0df-01246a77b117": {
"size": {
"width": 60,
"height": 60
},
"position": {
"x": 10,
"y": 70
},
"z": 1,
"embeds": [],
"dependson": [
"494a8dba-26e5-4efa-93ea-d49a84c99390"
]
},
"2d875ca8-973f-4c0c-8455-1f15eb588bdb": {
"size": {
"width": 60,
"height": 60
},
"position": {
"x": 180,
"y": 210
},
"z": 1,
"embeds": []
},
"a59461e8-9fcb-415c-b8a0-0f21f2b4e38b": {
"size": {
"width": 60,
"height": 60
},
"position": {
"x": 400,
"y": 100
},
"z": 1,
"embeds": [],
"isassociatedwith": [
"c4462e36-ef27-43d6-a0df-01246a77b117"
]
},
"f2b566cb-22e3-41b5-a520-ec2c86a63929": {
"size": {
"width": 60,
"height": 60
},
"position": {
"x": 20,
"y": 400
},
"z": 1,
"embeds": [],
"dependson": [
"494a8dba-26e5-4efa-93ea-d49a84c99390"
]
},
"50816f94-5ba8-4b3b-91da-84afa96bd9e7": {
"size": {
"width": 60,
"height": 60
},
"position": {
"x": 410,
"y": 360
},
"z": 1,
"embeds": [],
"isassociatedwith": [
"f2b566cb-22e3-41b5-a520-ec2c86a63929"
]
}
}
}
}