-
Notifications
You must be signed in to change notification settings - Fork 0
/
template.json
116 lines (116 loc) · 3.1 KB
/
template.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "oracle sql injector",
"Parameters": {
"LambdaS3BucketName": {
"Description": "The name of the S3 bucket that contains the source code of your Lambda function.",
"Type": "String"
},
"LambdaS3Key": {
"Description": "The location and name of your source code .zip file.",
"Type": "String",
"Default": "oracle-sql-injector.zip"
},
"OracleUserName": {
"Type": "String"
},
"OraclePassword": {
"Type": "String",
"NoEcho": "true"
},
"OracleConnectionString": {
"Type": "String",
"Default": "test-oracle.g6d7gf6d5.eu-west-1.rds.amazonaws.com:1521/ORCL"
},
"OracleSQLS3Key": {
"Type": "String"
},
"OracleSQLBucketName": {
"Description": "The name of the S3 bucket that contains the SQL file to inject.",
"Type": "String"
}
},
"Resources": {
"LambdaRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": ["sts:AssumeRole"]
}]
},
"Path": "/",
"Policies": [{
"PolicyName": "logs",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": [
"logs:*"
],
"Resource": "arn:aws:logs:*:*:*"
}]
}
}, {
"PolicyName": "test-s3-document",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": ["s3:GetObject"],
"Resource": [{"Fn::Join": ["", ["arn:aws:s3:::", {"Ref": "OracleSQLBucketName"}, "/*"]]}]
}]
}
}]
}
},
"Lambda": {
"Type": "AWS::Lambda::Function",
"Properties": {
"Code": {
"S3Bucket": {"Ref": "LambdaS3BucketName"},
"S3Key": {"Ref": "LambdaS3Key"}
},
"Description": "Oracle SQL injector",
"Handler": "index.handler",
"MemorySize": 128,
"Role": {"Fn::GetAtt": ["LambdaRole", "Arn"]},
"Runtime": "nodejs4.3",
"Timeout": 30
}
},
"OracleSQLInjectorInfo": {
"Type": "Custom::OracleSQLInjectorInfo",
"Properties": {
"ServiceToken": { "Fn::GetAtt" : ["Lambda", "Arn"] },
"OracleUserName": {
"Ref": "OracleUserName"
},
"OraclePassword": {
"Ref": "OraclePassword"
},
"OracleConnectionString": {
"Ref": "OracleConnectionString"
},
"OracleSQLBucketName": {
"Ref": "OracleSQLBucketName"
},
"OracleSQLS3Key": {
"Ref": "OracleSQLS3Key"
}
}
}
},
"Outputs": {
"Result": {
"Description": "Result SQL",
"Value" : {"Fn::GetAtt": ["OracleSQLInjectorInfo", "result"]}
}
}
}