#  Copyright 2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
#  Licensed under the Apache License, Version 2.0 (the "License").
#  You may not use this file except in compliance with the License.
#  A copy of the License is located at
#
#      http://aws.amazon.com/apache2.0/
#
#  or in the "license" file accompanying this file. This file is distributed
#  on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
#  express or implied. See the License for the specific language governing
#  permissions and limitations under the License.

AWSTemplateFormatVersion: 2010-09-09
Description: 'AWS Ops Wheel - Lambda Stack'
Resources:
  AWSOpsWheelLambdaRole:
    Properties:
      AssumeRolePolicyDocument:
        Statement:
        - Action: ['sts:AssumeRole']
          Effect: Allow
          Principal:
            Service: [lambda.amazonaws.com]
        Version: '2012-10-17'
      ManagedPolicyArns: ['arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole']
      Path: /service-role/
    Type: AWS::IAM::Role
  AWSOpsWheelLambdaPolicy:
    Properties:
      Groups: []
      PolicyDocument:
        Statement:
        - Action: ['dynamodb:DeleteItem', 'dynamodb:GetItem', 'dynamodb:PutItem',
            'dynamodb:Scan', 'dynamodb:Query', 'dynamodb:UpdateItem', 'dynamodb:BatchWriteItem']
          Effect: Allow
          Resource:
            Fn::Join:
            - ''
            - - 'arn:aws:dynamodb:'
              - { Ref: 'AWS::Region' }
              - ':'
              - { Ref: 'AWS::AccountId' }
              - ':'
              - table/*
        Version: '2012-10-17'
      PolicyName: AWSOpsWheelLambdaPolicy
      Roles:
      - {Ref: AWSOpsWheelLambdaRole}
      Users: []
    Type: AWS::IAM::Policy
  participantDynamoDBTable:
    Properties:
      AttributeDefinitions:
      - { AttributeName: id, AttributeType: S }
      - { AttributeName: wheel_id, AttributeType: S }
      KeySchema:
      - { AttributeName: wheel_id, KeyType: HASH }
      - { AttributeName: id, KeyType: RANGE }
      BillingMode: PAY_PER_REQUEST
    Type: AWS::DynamoDB::Table
  wheelDynamoDBTable:
    Properties:
      AttributeDefinitions:
        - { AttributeName: id, AttributeType: S }
        - { AttributeName: name, AttributeType: S }
      KeySchema:
        - { AttributeName: id, KeyType: HASH }
      BillingMode: PAY_PER_REQUEST
      GlobalSecondaryIndexes:
        - IndexName: name_index
          KeySchema:
          - { AttributeName: name, KeyType: HASH }
          Projection:
            ProjectionType: ALL
    Type: AWS::DynamoDB::Table