Merge pull request #38 from aws-samples/sliedig-ns-refactor

feat: namespace refactoring

.gitignore

@@ -11,3 +11,4 @@ deleteall.sh
 /unicorn_properties/PropertyFunctions/PropertyService.iml
 /unicorn_web/PropertyFunctions/PropertyWeb.iml
 /unicorn_contracts/ContractsFunction/ContractsModule.iml
+**/cdk.out/

unicorn_contracts/integration/event-schemas.yaml

@@ -20,7 +20,7 @@ Resources:
     Properties:
       Description: 'Event schemas for Unicorn Contracts'
       RegistryName:
-        Fn::Sub: "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}-${Stage}"
+        Fn::Sub: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}-${Stage}"
 
   EventRegistryPolicy:
     Type: AWS::EventSchemas::RegistryPolicy

unicorn_contracts/integration/subscriber-policies.yaml

@@ -47,6 +47,6 @@ Resources:
             "events:creatorAccount": "${aws:PrincipalAccount}"
           StringEquals:
             "events:source":
-              - Fn::Sub: "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+              - "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
           "Null":
             "events:source": "false"

unicorn_contracts/template.yaml

@@ -1,6 +1,6 @@
 # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 # SPDX-License-Identifier: MIT-0
-AWSTemplateFormatVersion: 2010-09-09
+AWSTemplateFormatVersion: "2010-09-09"
 Transform:
   - AWS::LanguageExtensions
   - AWS::Serverless-2016-10-31
@@ -12,10 +12,10 @@ Metadata:
     config:
       ignore_checks:
         - ES4000 # Rule disabled because the CatchAll Rule doesn't need a DLQ
-        - ES6000 # Rule disabled because SQS DLOs don't need a RedrivePolicy
+        - ES6000 # Rule disabled because SQS DLQs don't need a RedrivePolicy
         - WS2001 # Rule disabled because check does not support !ToJsonString transform
         - ES1001 # Rule disabled because our Lambda functions don't need DestinationConfig.OnFailure
-        - W3002
+        - W3002 # Rule disabled as nested templates are being packaged
 
 Parameters:
   Stage:
@@ -54,18 +54,18 @@ Globals:
     Environment:
       Variables:
         DYNAMODB_TABLE: !Ref ContractsTable
-        SERVICE_NAMESPACE: !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
-        POWERTOOLS_SERVICE_NAME: !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+        SERVICE_NAMESPACE: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
+        POWERTOOLS_SERVICE_NAME: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
         POWERTOOLS_TRACE_DISABLED: "false" # Explicitly disables tracing, default
         POWERTOOLS_LOGGER_LOG_EVENT: !If [IsProd, "false", "true"] # Logs incoming event, default
         POWERTOOLS_LOGGER_SAMPLE_RATE: !If [IsProd, "0.1", "0"] # Debug log sampling percentage, default
-        POWERTOOLS_METRICS_NAMESPACE: !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+        POWERTOOLS_METRICS_NAMESPACE: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
         POWERTOOLS_LOG_LEVEL: INFO # Log level for Logger (INFO, DEBUG, etc.), default
         LOG_LEVEL: INFO # Log level for Logger
     Tags:
       stage: !Ref Stage
       project: !FindInMap [Constants, ProjectName, Value]
-      namespace: !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+      namespace: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
 
 Resources:
   #### SSM PARAMETERS
@@ -148,8 +148,9 @@ Resources:
       Tags:
         stage: !Ref Stage
         project: !FindInMap [Constants, ProjectName, Value]
-        namespace: !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+        namespace: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
 
+  # API GW Cloudwatch Log Group
   UnicornContractsApiLogGroup:
     Type: AWS::Logs::LogGroup
     UpdateReplacePolicy: Delete
@@ -216,7 +217,7 @@ Resources:
         - Key: project
           Value: !FindInMap [Constants, ProjectName, Value]
         - Key: namespace
-          Value: !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+          Value: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
 
   #### DEAD LETTER QUEUES
   # DeadLetterQueue for UnicornContractsIngestQueue. Contains messages that failed to be processed
@@ -234,7 +235,7 @@ Resources:
         - Key: project
           Value: !FindInMap [Constants, ProjectName, Value]
         - Key: namespace
-          Value: !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+          Value: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
 
   #### DYNAMODB TABLE
   # Persist Contracts information in DynamoDB
@@ -258,7 +259,7 @@ Resources:
         - Key: project
           Value: !FindInMap [Constants, ProjectName, Value]
         - Key: namespace
-          Value: !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+          Value: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
 
   #### EVENT BUS
   # Event bus for Unicorn Contract Service used to publish and consume events
@@ -283,7 +284,7 @@ Resources:
         Condition:
           StringEquals:
             events:source:
-              - !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+              - "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
 
   # Catchall rule used for development purposes.
   UnicornContractsCatchAllRule:
@@ -296,9 +297,9 @@ Resources:
         account:
           - !Ref AWS::AccountId
         source:
-          - !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
-          - !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornPropertiesNamespace}}"
-          - !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornWebNamespace}}"
+          - "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
+          - "{{resolve:ssm:/uni-prop/UnicornPropertiesNamespace}}"
+          - "{{resolve:ssm:/uni-prop/UnicornWebNamespace}}"
       State: ENABLED #You may want to disable this rule in production
       Targets:
         - Arn: !GetAtt UnicornContractsCatchAllLogGroup.Arn
@@ -313,7 +314,7 @@ Resources:
       LogGroupName: !Sub
         - "/aws/events/${Stage}/${NS}-catchall"
         - Stage: !Ref Stage
-          NS: !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+          NS: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
       RetentionInDays: !FindInMap
         - LogsRetentionPeriodMap
         - !Ref Stage
@@ -374,7 +375,7 @@ Resources:
       Target: !GetAtt UnicornContractsEventBus.Arn
       TargetParameters:
         EventBridgeEventBusParameters:
-          Source: !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+          Source: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
           DetailType: ContractStatusChanged
         InputTemplate: !ToJsonString
           property_id: "<$.dynamodb.NewImage.property_id.S>"
@@ -430,12 +431,14 @@ Resources:
         - Key: project
           Value: !FindInMap [Constants, ProjectName, Value]
         - Key: namespace
-          Value: !Sub "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+          Value: "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
 
   #### CLOUDFORMATION NESTED STACKS
   # CloudFormation Stack with the Contracts Service Event Registry and Schemas
   EventSchemasStack:
     Type: AWS::Serverless::Application
+    UpdateReplacePolicy: Delete
+    DeletionPolicy: Delete
     Properties:
       Location: "integration/event-schemas.yaml"
       Parameters:
@@ -444,6 +447,8 @@ Resources:
   # CloudFormation Stack with the Cross-service EventBus policy for Contracts Service
   SubscriberPoliciesStack:
     Type: AWS::Serverless::Application
+    UpdateReplacePolicy: Delete
+    DeletionPolicy: Delete
     DependsOn:
       - UnicornContractsEventBusNameParam
     Properties:

unicorn_properties/integration/event-schemas.yaml

@@ -1,6 +1,6 @@
 # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 # SPDX-License-Identifier: MIT-0
-AWSTemplateFormatVersion: '2010-09-09'
+AWSTemplateFormatVersion: "2010-09-09"
 Description: Event Schemas for use by the Properties Service
 
 Parameters:
@@ -18,7 +18,7 @@ Resources:
     Properties: 
       Description: 'Event schemas for Unicorn Properties'
       RegistryName:
-        Fn::Sub: "{{resolve:ssm:/uni-prop/${Stage}/UnicornPropertiesNamespace}}-${Stage}"
+        Fn::Sub: "{{resolve:ssm:/uni-prop/UnicornPropertiesNamespace}}-${Stage}"
 
   EventRegistryPolicy:
     Type: AWS::EventSchemas::RegistryPolicy

unicorn_properties/integration/subscriber-policies.yaml

@@ -1,6 +1,6 @@
 # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 # SPDX-License-Identifier: MIT-0
-AWSTemplateFormatVersion: '2010-09-09'
+AWSTemplateFormatVersion: "2010-09-09"
 Description: >
   Defines the event bus policies that determine who can create rules on the event bus to
   subscribe to events published by Unicorn Properties Service.
@@ -46,6 +46,6 @@ Resources:
             "events:creatorAccount": "${aws:PrincipalAccount}"
           StringEquals:
             "events:source":
-              - Fn::Sub: "{{resolve:ssm:/uni-prop/${Stage}/UnicornPropertiesNamespace}}"
+              - "{{resolve:ssm:/uni-prop/UnicornPropertiesNamespace}}"
           "Null":
             "events:source": "false"

unicorn_properties/integration/subscriptions.yaml

@@ -1,6 +1,6 @@
 # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 # SPDX-License-Identifier: MIT-0
-AWSTemplateFormatVersion: '2010-09-09'
+AWSTemplateFormatVersion: "2010-09-09"
 Description: Defines the rule for the events (subscriptions) that Unicorn Properties wants to consume.
 
 Parameters:
@@ -23,7 +23,7 @@ Resources:
         Fn::Sub: "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsEventBusArn}}"
       EventPattern:
         source:
-          - Fn::Sub: "{{resolve:ssm:/uni-prop/${Stage}/UnicornContractsNamespace}}"
+          - "{{resolve:ssm:/uni-prop/UnicornContractsNamespace}}"
         detail-type:
           - ContractStatusChanged
       State: ENABLED
@@ -32,7 +32,7 @@ Resources:
           Arn:
             Fn::Sub: "{{resolve:ssm:/uni-prop/${Stage}/UnicornPropertiesEventBusArn}}"
           RoleArn:
-            Fn::GetAtt: UnicornPropertiesSubscriptionRole.Arn
+            Fn::GetAtt: [ UnicornPropertiesSubscriptionRole, Arn ]
 
   #### UNICORN WEB EVENT SUBSCRIPTIONS
   PublicationApprovalRequestedSubscriptionRule:
@@ -44,7 +44,7 @@ Resources:
         Fn::Sub: "{{resolve:ssm:/uni-prop/${Stage}/UnicornWebEventBusArn}}"
       EventPattern:
         source:
-          - Fn::Sub: "{{resolve:ssm:/uni-prop/${Stage}/UnicornWebNamespace}}"
+          - "{{resolve:ssm:/uni-prop/UnicornWebNamespace}}"
         detail-type:
           - PublicationApprovalRequested
       State: ENABLED
@@ -53,7 +53,7 @@ Resources:
           Arn:
             Fn::Sub: "{{resolve:ssm:/uni-prop/${Stage}/UnicornPropertiesEventBusArn}}"
           RoleArn:
-            Fn::GetAtt: UnicornPropertiesSubscriptionRole.Arn
+            Fn::GetAtt: [ UnicornPropertiesSubscriptionRole, Arn ]
 
 
   # This IAM role allows EventBridge to assume the permissions necessary to send events 
@@ -81,9 +81,9 @@ Outputs:
   ContractStatusChangedSubscription:
     Description: Rule ARN for Contract service event subscription
     Value:
-      Fn::GetAtt: ContractStatusChangedSubscriptionRule.Arn
+      Fn::GetAtt: [ ContractStatusChangedSubscriptionRule, Arn ]
 
   PublicationApprovalRequestedSubscription:
     Description: Rule ARN for Web service event subscription
     Value:
-      Fn::GetAtt: PublicationApprovalRequestedSubscriptionRule.Arn
+      Fn::GetAtt: [ PublicationApprovalRequestedSubscriptionRule, Arn ]