--- #----------------------------------------------------------------------------------------------------------------------- # Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance # with the License. A copy of the License is located at # # http://www.apache.org/licenses/LICENSE-2.0 # # or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES # OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions # and limitations under the License. #----------------------------------------------------------------------------------------------------------------------- AWSTemplateFormatVersion: '2010-09-09' Transform: AWS::Serverless-2016-10-31 Description: 'IoT Device Monitoring' Parameters: ApplicationConfigurationOverride: Description: This allows you to override any application configuration. It should consists of a text-based content with a structure and syntax comprising key–value pairs for properties. Any configurations contained in this will override the configurations found and merged from the default .env files. Type: String Environment: Description: Name of environment. Used to name the created resources. Type: String MinLength: 1 AssetLibraryFunctionName: Description: AssetLibrary REST API function name Type: String Default: '' Resources: IoTLifecycleConnectRule: Type: AWS::IoT::TopicRule Properties: TopicRulePayload: Actions: - Lambda: FunctionArn: !GetAtt IoTLifecycleEventLambda.Arn Description: 'Send IoT Lifecycle Event data to Lambda for connection status' AwsIotSqlVersion: '2016-03-23' RuleDisabled: false Sql: >- SELECT * FROM '$aws/events/presence/connected/+' IoTLifecycleConnectInvocationPermission: Type: AWS::Lambda::Permission Properties: SourceArn: !GetAtt IoTLifecycleConnectRule.Arn Action: lambda:InvokeFunction Principal: iot.amazonaws.com FunctionName: !GetAtt IoTLifecycleEventLambda.Arn SourceAccount: !Ref AWS::AccountId IoTLifecycleDisconnectRule: Type: AWS::IoT::TopicRule DependsOn: IoTLifecycleEventLambda Properties: TopicRulePayload: Actions: - Lambda: FunctionArn: !GetAtt IoTLifecycleEventLambda.Arn Description: 'Send IoT Lifecycle Event data to Lambda for disconnect status' AwsIotSqlVersion: '2016-03-23' RuleDisabled: false Sql: >- SELECT * FROM '$aws/events/presence/disconnected/+' IoTLifecycleInvocationPermission: Type: AWS::Lambda::Permission Properties: SourceArn: !GetAtt IoTLifecycleDisconnectRule.Arn Action: lambda:InvokeFunction Principal: iot.amazonaws.com FunctionName: !GetAtt IoTLifecycleEventLambda.Arn SourceAccount: !Ref AWS::AccountId IoTLifecycleLambdaRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: Effect: Allow Principal: Service: lambda.amazonaws.com Action: sts:AssumeRole Path: '/cdf/devicemonitoring/' ManagedPolicyArns: - arn:aws:iam::aws:policy/AWSLambdaExecute - arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess Policies: - PolicyName: app_policies PolicyDocument: Version: '2012-10-17' Statement: - Sid: lambda Effect: Allow Action: - lambda:InvokeFunction - lambda:Invoke Resource: - !Sub 'arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:${AssetLibraryFunctionName}' IoTLifecycleEventLambda: Type: AWS::Serverless::Function Properties: FunctionName: !Sub 'cdf-deviceMonitoring-${Environment}' CodeUri: ../bundle.zip Handler: iot_lifecycle_event.lambda_handler MemorySize: 128 Role: !GetAtt IoTLifecycleLambdaRole.Arn Runtime: nodejs16.x Timeout: 29 Environment: Variables: APP_CONFIG_DIR: 'config' APP_CONFIG: !Ref ApplicationConfigurationOverride ASSETLIBRARY_API_FUNCTION_NAME: !Ref AssetLibraryFunctionName Tracing: Active