AWSTemplateFormatVersion: 2010-09-09
Description: >-
  observability-app

Transform:
- AWS::Serverless-2016-10-31

Globals:
  Function:
    Runtime: nodejs18.x
    Timeout: 100
    Tracing: Active
    MemorySize: 128
    CodeUri: ./
    Environment:
      Variables:
        APP_NAME: !Ref SampleTable
        SAMPLE_TABLE: !Ref SampleTable
        SERVICE_NAME: item_service
        ENABLE_DEBUG: false
        # Enable usage of KeepAlive to reduce overhead of short-lived actions, like DynamoDB queries
        AWS_NODEJS_CONNECTION_REUSE_ENABLED: 1
        AWS_EMF_NAMESPACE: MonitoringApp
        # d
        LAMBDA_INSIGHTS_LOG_LEVEL: info
    Layers:
      - !Sub "arn:aws:lambda:${AWS::Region}:580247275435:layer:LambdaInsightsExtension:14"
  Api:
    TracingEnabled: true

Resources:
# API Gateway
  Api:
    Type: AWS::Serverless::Api
    DependsOn: ApiCWLRoleArn
    Properties:
      StageName: Prod
      AccessLogSetting:
        DestinationArn: !Sub ${ApiAccessLogGroup.Arn}
        # Full variable list at https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html#context-variable-reference
        Format: "{ 'requestId':'$context.requestId', 'ip': '$context.identity.sourceIp', 'caller':'$context.identity.caller', 'user':'$context.identity.user','requestTime':'$context.requestTime', 'xrayTraceId':'$context.xrayTraceId', 'wafResponseCode':'$context.wafResponseCode', 'httpMethod':'$context.httpMethod','resourcePath':'$context.resourcePath', 'status':'$context.status','protocol':'$context.protocol', 'responseLength':'$context.responseLength' }"
      MethodSettings:
        - MetricsEnabled: True
          ResourcePath: '/*'
          HttpMethod: '*'
  
  ApiCWLRoleArn:
    Type: AWS::ApiGateway::Account
    Properties: 
      CloudWatchRoleArn: !GetAtt CloudWatchRole.Arn

# Lambda Functions
  getAllItemsFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: src/handlers/get-all-items.getAllItemsHandler
      Description: A simple example includes a HTTP get method to get all items from a DynamoDB table.
      Policies:
        - DynamoDBCrudPolicy:
            TableName: !Ref SampleTable
        - CloudWatchPutMetricPolicy: {}
        - CloudWatchLambdaInsightsExecutionRolePolicy
      Events:
        Api:
          Type: Api
          Properties:
            RestApiId: !Ref Api
            Path: /items
            Method: GET
            
  getByIdFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: src/handlers/get-by-id.getByIdHandler
      Description: A simple example includes a HTTP get method to get one item by id from a DynamoDB table.
      Policies:
        - DynamoDBCrudPolicy:
            TableName: !Ref SampleTable
        - CloudWatchPutMetricPolicy: {}
        - CloudWatchLambdaInsightsExecutionRolePolicy
      Events:
        Api:
          Type: Api
          Properties:
            RestApiId: !Ref Api
            Path: /items/{id}
            Method: GET
            
  putItemFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: src/handlers/put-item.putItemHandler
      Description: A simple example includes a HTTP post method to add one item to a DynamoDB table.
      Policies:
        - DynamoDBCrudPolicy:
            TableName: !Ref SampleTable
        - CloudWatchPutMetricPolicy: {}
        - SNSPublishMessagePolicy:
            TopicName: !Sub ${NewItemTopic.TopicName}
        - CloudWatchLambdaInsightsExecutionRolePolicy
      Environment:
        Variables:
          TOPIC_NAME: !Ref NewItemTopic
      Events:
        Api:
          Type: Api
          Properties:
            RestApiId: !Ref Api
            Path: /items
            Method: POST

  notifyNewItemFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: src/handlers/notify-item.notifyNewItemHandler
      Description: A simple example that is triggered by a SNS message to notify of a new item insertion.
      Policies:
        - CloudWatchLambdaInsightsExecutionRolePolicy
      Events:
        TopicListener:
          Type: SNS
          Properties:
            Topic: !Ref NewItemTopic
            FilterPolicy:
              Status:
                - Success

# SNS Topic
  NewItemTopic:
    Type: AWS::SNS::Topic

# DynamoDB Table            
  SampleTable:
    Type: AWS::Serverless::SimpleTable
    Properties:
      PrimaryKey:
        Name: id
        Type: String

# CloudWatch Logs - Log Groups
  ApiAccessLogGroup:
    Type: AWS::Logs::LogGroup
    DependsOn: Api
    Properties:
      LogGroupName: !Sub /aws/apigateway/${Api}
      RetentionInDays: 7
  
  GetByIdLogGroup:
    Type: AWS::Logs::LogGroup
    DependsOn: getByIdFunction
    Properties:
      LogGroupName: !Sub /aws/lambda/${getByIdFunction}
      RetentionInDays: 7

  GetAllItemsLogGroup:
    Type: AWS::Logs::LogGroup
    DependsOn: getAllItemsFunction
    Properties:
      LogGroupName: !Sub /aws/lambda/${getAllItemsFunction}
      RetentionInDays: 7

  PutItemLogGroup:
    Type: AWS::Logs::LogGroup
    DependsOn: putItemFunction
    Properties:
      LogGroupName: !Sub /aws/lambda/${putItemFunction}
      RetentionInDays: 7

#  NotifyItemLogGroup:
#    Type: AWS::Logs::LogGroup
#    DependsOn: notifyNewItemFunction
#    Properties:
#      LogGroupName: !Sub /aws/lambda/${notifyNewItemFunction}
#      RetentionInDays: 7

# IAM Role for 
  CloudWatchRole:
      Type: AWS::IAM::Role
      Properties:
        AssumeRolePolicyDocument:
          Version: '2012-10-17'
          Statement:
            Action: 'sts:AssumeRole'
            Effect: Allow
            Principal:
              Service: apigateway.amazonaws.com
        Path: /
        ManagedPolicyArns:
          - 'arn:aws:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs'

Outputs:
  ApiUrl:
    Description: "API Gateway endpoint URL for Prod stage"
    Value: !Sub "https://${Api}.execute-api.${AWS::Region}.amazonaws.com/Prod/"

  SampleTable:
    Value: !GetAtt SampleTable.Arn
    Description: Sample Data Table ARN