# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. # SPDX-License-Identifier: MIT-0 AWSTemplateFormatVersion: '2010-09-09' Description: DynamoDB Stream event filtering for Lambda demo stack Transform: AWS::Serverless-2016-10-31 Globals: Function: Handler: app.handler Runtime: nodejs18.x CodeUri: ./src Timeout: 10 MemorySize: 128 Architectures: - arm64 Resources: DemoDynamoDBTable: Type: AWS::DynamoDB::Table Properties: BillingMode: PAY_PER_REQUEST TableName: table-lambda-esm-filter AttributeDefinitions: - AttributeName: id AttributeType: S KeySchema: - AttributeName: id KeyType: HASH StreamSpecification: StreamViewType: NEW_AND_OLD_IMAGES # Both the new and the old item images of the item are written to the stream. # 1. this Lambda is invoked for all messages, regardless of the payload format and contents NoFilterFunction: Type: AWS::Serverless::Function Properties: FunctionName: fn-ddb-esm-no-filter Description: No filter Events: DDBEvent: Type: DynamoDB Properties: Stream: !GetAtt DemoDynamoDBTable.StreamArn StartingPosition: LATEST NoFilterFunctionLogGroup: Type: AWS::Logs::LogGroup Properties: LogGroupName: !Sub "/aws/lambda/${NoFilterFunction}" RetentionInDays: 3 # 2. this Lambda is invoked for: # { # "kind": "Event" # } FilterEventsFunction: Type: AWS::Serverless::Function Properties: FunctionName: fn-ddb-filter-events Description: Demo filtering in a single field Events: DDBEvent: Type: DynamoDB Properties: Stream: !GetAtt DemoDynamoDBTable.StreamArn StartingPosition: LATEST FilterCriteria: Filters: - Pattern: '{"dynamodb":{"NewImage":{"kind":{"S":["Event"]}}}}' FilterEventsFunctionLogGroup: Type: AWS::Logs::LogGroup Properties: LogGroupName: !Sub "/aws/lambda/${FilterEventsFunction}" RetentionInDays: 3 # 3. this Lambda is invoked for: # { # "kind": "Event" # "responseStatus": { # "code": 300 # } # } FilterEventsAndResponseCodeFunction: Type: AWS::Serverless::Function Properties: FunctionName: fn-ddb-filter-events-and-response-code Description: Demo filtering on multiple fields Events: DDBEvent: Type: DynamoDB Properties: Stream: !GetAtt DemoDynamoDBTable.StreamArn StartingPosition: LATEST FilterCriteria: Filters: - Pattern: '{"dynamodb":{"NewImage":{"kind":{"S":["Event"]},"responseStatus":{"M":{"code":{"N":["300"]}}}}}}' FilterEventsAndResponseCodeFunctionLogGroup: Type: AWS::Logs::LogGroup Properties: LogGroupName: !Sub "/aws/lambda/${FilterEventsAndResponseCodeFunction}" RetentionInDays: 3 # 4. this Lambda is invoked for either of the following messages: # - option 1 - code is >= 300 # { # "responseStatus": { # "code": 300 # } # } # - option 2 - RBAC flag is set to true # { # "RBAC": true # } FilterMultiplePatternsFunction: Type: AWS::Serverless::Function Properties: FunctionName: fn-ddb-filter-multiple-patterns Description: Demo multiple patterns Events: DDBEvent: Type: DynamoDB Properties: Stream: !GetAtt DemoDynamoDBTable.StreamArn StartingPosition: LATEST FilterCriteria: Filters: - Pattern: '{"dynamodb":{"NewImage":{"responseStatus":{"M":{"code":{"N":["300"]}}}}}}' - Pattern: '{"dynamodb":{"OldImage":{"RBAC":{"BOOL":[true]}}}}' FilterMultiplePatternsFunctionLogGroup: Type: AWS::Logs::LogGroup Properties: LogGroupName: !Sub "/aws/lambda/${FilterMultiplePatternsFunction}" RetentionInDays: 3 # 5. this Lambda is invoked for the messages having kind set to anything other than Event FilterNotEventKindFunction: Type: AWS::Serverless::Function Properties: FunctionName: fn-ddb-filter-not-event-kind Description: Demo Not filter Events: DDBEvent: Type: DynamoDB Properties: Stream: !GetAtt DemoDynamoDBTable.StreamArn StartingPosition: LATEST FilterCriteria: Filters: - Pattern: '{"dynamodb":{"NewImage":{"kind":{"S":[{"anything-but":["Event"]}]}}}}' FilterNotEventKindFunctionLogGroup: Type: AWS::Logs::LogGroup Properties: LogGroupName: !Sub "/aws/lambda/${FilterNotEventKindFunction}" RetentionInDays: 3 # 6. this Lambda is invoked for the messages having region property starting with `us-` FilterStartsWithFunction: Type: AWS::Serverless::Function Properties: FunctionName: fn-ddb-filter-starts-with Description: Demo prefix filter Events: DDBEvent: Type: DynamoDB Properties: Stream: !GetAtt DemoDynamoDBTable.StreamArn StartingPosition: LATEST FilterCriteria: Filters: - Pattern: '{"dynamodb":{"NewImage":{"region":{"S":[{"prefix":"us-"}]}}}}' FilterStartsWithFunctionLogGroup: Type: AWS::Logs::LogGroup Properties: LogGroupName: !Sub "/aws/lambda/${FilterStartsWithFunction}" RetentionInDays: 3 # 7. this Lambda is invoked for INSERT and REMOVE events matching a specific Keys filter # { # "kind": "Event" # } FilterOnKeysAndMetadataFunction: Type: AWS::Serverless::Function Properties: FunctionName: fn-ddb-filter-key Description: Demo inclusive range filter Events: DDBEvent: Type: DynamoDB Properties: Stream: !GetAtt DemoDynamoDBTable.StreamArn StartingPosition: LATEST FilterCriteria: Filters: - Pattern: '{"eventName":["INSERT","REMOVE"],"dynamodb":{"Keys":{"id":{"S":["rbac-is-set"]}}}}' FilterOnKeysAndMetadataFunctionLogGroup: Type: AWS::Logs::LogGroup Properties: LogGroupName: !Sub "/aws/lambda/${FilterOnKeysAndMetadataFunction}" RetentionInDays: 3