-
Notifications
You must be signed in to change notification settings - Fork 69
/
template.yaml
78 lines (69 loc) · 2.22 KB
/
template.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
AWSTemplateFormatVersion: "2010-09-09"
Transform: AWS::Serverless-2016-10-31
Description: >
pinpoint-custom-channel-attachments
SAM Template for Amazon Pinpoint attachments custom channel.
Parameters:
PinpointAppId:
Type: String
Description: "The Amazon Pinpoint application or project id."
MaxLength: 50
AttachmentsBucketName:
Type: String
Description: "The S3 bucket where attachments will be stored."
S3URLExpiration:
Type: Number
Default: 3600
Description: "The S3 presigned URL expiration time in seconds."
FileType:
Type: String
Default: ".pdf"
Description: "The file type that will be used for the attachments starting with . e.g. .csv or .pdf."
Resources:
PinpointCustomAttachmentLambda:
Type: AWS::Serverless::Function
Metadata:
cfn_nag:
rules_to_suppress:
- id: W89
reason: Not public facing.
Properties:
ReservedConcurrentExecutions: 1
CodeUri: functions/custom-channel-attachments/
Handler: index.lambda_handler
Runtime: python3.9
Timeout: 150
MemorySize: 512
Architectures:
- arm64
Environment:
Variables:
PINPOINT_APP_ID: !Ref PinpointAppId
BUCKET_NAME: !Ref AttachmentsBucketName
EXPIRATION: !Ref S3URLExpiration
FILE_TYPE: !Ref FileType
Policies:
- Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- mobiletargeting:SendMessages
- mobiletargeting:GetEmailTemplate
Resource: !Sub "arn:aws:mobiletargeting:${AWS::Region}:${AWS::AccountId}:*"
- Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- ses:SendRawEmail
Resource: !Sub "arn:aws:ses:${AWS::Region}:${AWS::AccountId}:*"
- Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- s3:GetObject
Resource: !Sub "arn:aws:s3:::${AttachmentsBucketName}/*"
- CloudWatchLogsFullAccess
Outputs:
AWSLambda:
Description: "Name of AWS Lambda function created."
Value: !Ref PinpointCustomAttachmentLambda