########################################################################### # Author: Saunak Chandra # Date: 26-Nov-2018 # Version: 1.0 ########################################################################### AWSTemplateFormatVersion: 2010-09-09 Description: >- Template for a state machine that creates a Lambda function and the state machine that calls the Lambda function Parameters: ModuleName: Description: The name of the Lambda function Type: String Default: RedshiftWLMQueryLauncher SecurityGroups: Description: Select Default Security of VPC has name "RedshiftLab-VPC" Type: 'List' VPCSubnetIDs: Description: Subnet Groups of your VPC for Lambda function Type: 'List' S3Bucket: Description: The name of the bucket that contains your packaged source Type: String Default: awspsa-redshift-lab S3Key: Description: The name of the ZIP package Type: String Default: lambda-code/wlm/query_launcher.zip Resources: FunctionAMI: Type: 'AWS::Lambda::Function' Properties: Code: S3Bucket: !Ref S3Bucket S3Key: !Ref S3Key Handler: query_launcher.lambda_handler VpcConfig: SecurityGroupIds: !Ref SecurityGroups SubnetIds: !Ref VPCSubnetIDs Role: !GetAtt - LambdaExecutionRole - Arn Runtime: python2.7 Timeout: '300' LambdaExecutionRole: Type: 'AWS::IAM::Role' Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - lambda.amazonaws.com Action: - 'sts:AssumeRole' ManagedPolicyArns: - 'arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess' Policies: - PolicyName: PolicyToExecuteLambdaInVPC PolicyDocument: Version: 2012-10-17 Statement: Effect: Allow Action: - 'ec2:CreateNetworkInterface' - 'ec2:DescribeNetworkInterfaces' - 'ec2:DeleteNetworkInterface' Resource: '*' StatesExecutionRole: Type: 'AWS::IAM::Role' Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - !Sub 'states.${AWS::Region}.amazonaws.com' Action: 'sts:AssumeRole' Path: / Policies: - PolicyName: StatesExecutionPolicy PolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Action: - 'lambda:InvokeFunction' Resource: '*' StatesMachineExecutionRole: Type: 'AWS::IAM::Role' Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: events.amazonaws.com Action: 'sts:AssumeRole' Path: / Policies: - PolicyName: StatesExecutionPolicy PolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Action: 'states:StartExecution' Resource: !Join - ':' - - 'arn:aws:states' - !Ref 'AWS::Region' - !Ref 'AWS::AccountId' - stateMachine - !GetAtt - LambdaStateMachine - Name LambdaStateMachine: Type: 'AWS::StepFunctions::StateMachine' Properties: DefinitionString: !Sub - |- { "Comment": "A state machine that launches a AWS Lambda function in parallel", "StartAt": "Parallel", "States": { "Parallel": { "Type": "Parallel", "Next": "Final State", "Branches": [ { "StartAt": "ParallelQuery1", "States": { "ParallelQuery1": { "Type": "Task", "Resource": "${lambdaArn}", "End": true } } }, { "StartAt": "ParallelQuery2", "States": { "ParallelQuery2": { "Type": "Task", "Resource": "${lambdaArn}", "End": true } } }, { "StartAt": "ParallelQuery3", "States": { "ParallelQuery3": { "Type": "Task", "Resource": "${lambdaArn}", "End": true } } }, { "StartAt": "ParallelQuery4", "States": { "ParallelQuery4": { "Type": "Task", "Resource": "${lambdaArn}", "End": true } } }, { "StartAt": "ParallelQuery5", "States": { "ParallelQuery5": { "Type": "Task", "Resource": "${lambdaArn}", "End": true } } }, { "StartAt": "ParallelQuery6", "States": { "ParallelQuery6": { "Type": "Task", "Resource": "${lambdaArn}", "End": true } } }, { "StartAt": "ParallelQuery7", "States": { "ParallelQuery7": { "Type": "Task", "Resource": "${lambdaArn}", "End": true } } }, { "StartAt": "ParallelQuery8", "States": { "ParallelQuery8": { "Type": "Task", "Resource": "${lambdaArn}", "End": true } } }, { "StartAt": "ParallelQuery9", "States": { "ParallelQuery9": { "Type": "Task", "Resource": "${lambdaArn}", "End": true } } }, { "StartAt": "ParallelQuery10", "States": { "ParallelQuery10": { "Type": "Task", "Resource": "${lambdaArn}", "End": true } } }, { "StartAt": "Pass", "States": { "Pass": { "Type": "Pass", "Next": "Wait 10s" }, "Wait 10s": { "Type": "Wait", "Seconds": 10, "End": true } } } ] }, "Final State": { "Type": "Pass", "End": true } } } - lambdaArn: !GetAtt - FunctionAMI - Arn RoleArn: !GetAtt - StatesExecutionRole - Arn