Skills for Care On-Demand Reporting.
Each report is packaged as a lambda function and deployed to AWS.
Each lambda function calls back on to the SfC API, to get data and then aggregate/summarise data to generate a report.
No external access to these reports. The reports are executed based on AWS CloudWatch schedule or in response to events emitted from the SfC API - such as, creating a workplace or updating a staff record.
No external access to these reports. The reports once ready are delivered securely to a Slack channel.
Utilises AWS Secret Manager, via an IAM policy, to obtain credentials for Slack notification, but also the credentials to access the SfC API.
You need AWS credentials with administrative permissions to run CloudFormation and create the lambda resources.
Requires a "serverless-admin" AWS credentials profile name.
./node_modules/.bin/serverless config credentials --provider aws --key <your key> --secret <your secret> --profile serverless-admin --overwrite
You also need the MongoDB URI - must be passed as a parameter to serverless build and deploy, such that the sensitive information including username and password are not stored.
MONGO_DB_URI='mongodb+srv://<db username>:<db password>@<db host>/<db name>' npm run package:dev:
- Note, the uri is contained within single quotes.
MONGO_DB_URIis the environment variable name.
Connecting from lambda, need to add the region's CIDR to the MongoDB Atlas IP whitelist. Refer to https://aws.amazon.com/blogs/aws/aws-ip-ranges-json/ for informatin on how to request the AWS regional IP addresses.