Transform: AWS::Serverless-2016-10-31
Metadata:
  AWS::ServerlessRepo::Application:
    Name: AthenaHiveMetastoreFunction
    Description: An Athena Lambda function to interact with Hive Metastore
    Author: default author
    SpdxLicenseId: Apache-2.0
    LicenseUrl: s3://amazon-athena-hms-sam-publish/f2192c03aa492ef2104991bb8be53aba
    ReadmeUrl: s3://amazon-athena-hms-sam-publish/4adb8b0459b4ba04a24ce53a6e056630
    Labels:
    - athena-hive-metastore
    HomePageUrl: https://github.com/awslabs/aws-athena-hive-metastore
    SemanticVersion: 1.0.0
    SourceCodeUrl: https://github.com/awslabs/aws-athena-hive-metastore
Parameters:
  LambdaFuncName:
    Description: The name you will give to this catalog in Athena will be used as
      the function name prefix.
    Type: String
  SpillLocation:
    Description: The S3 location where this function can spill metadata responses.
    Type: String
    Default: athena-hms-spill
  LambdaTimeout:
    Description: Maximum Lambda invocation runtime in seconds. (min 1 - 900 max)
    Default: 300
    Type: Number
  LambdaMemory:
    Description: Lambda memory in MB (min 128 - 3008 max).
    Default: 1024
    Type: Number
  HMSUris:
    Description: Hive metastore URIs
    Type: String
  VPCSubnetIds:
    Description: Comma separated VPC subnet IDs where hive metastore is in.
    Type: CommaDelimitedList
  VPCSecurityGroupIds:
    Description: Comma separated VPC security groups IDs where hive metastore is in.
    Type: CommaDelimitedList
Resources:
  HiveMetastoreFunction:
    Type: AWS::Serverless::Function
    Properties:
      Environment:
        Variables:
          HMS_URIS:
            Ref: HMSUris
          SPILL_LOCATION:
            Fn::Sub: s3://${SpillLocation}
      FunctionName:
        Fn::Sub: ${LambdaFuncName}
      Handler: com.amazonaws.athena.hms.HiveMetaStoreLambdaFunc::handleRequest
      CodeUri: s3://amazon-athena-hms-sam-publish/a7069c1448fbb7cd7c5124084eb7c58d
      Description: Allows Athena to call and execute queries with hive metastore.
      Runtime: java8
      Timeout:
        Ref: LambdaTimeout
      MemorySize:
        Ref: LambdaMemory
      Policies:
      - Statement:
        - Action:
          - lambda:GetFunction
          - lambda:InvokeFunction
          - logs:CreateLogGroup
          - logs:CreateLogStream
          - logs:PutLogEvents
          Effect: Allow
          Resource: '*'
        - Action:
          - s3:GetObject
          - s3:GetBucketLocation
          - s3:ListBucket
          - s3:PutObject
          Effect: Allow
          Resource:
            Fn::Sub: arn:aws:s3:::${SpillLocation}/*
        Version: '2012-10-17'
      - VPCAccessPolicy: {}
      VpcConfig:
        SecurityGroupIds:
          Ref: VPCSecurityGroupIds
        SubnetIds:
          Ref: VPCSubnetIds