/
snsLambdaEventSourceResource.go
118 lines (104 loc) · 3.9 KB
/
snsLambdaEventSourceResource.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
package resources
import (
"context"
"encoding/json"
"fmt"
awsv2 "github.com/aws/aws-sdk-go-v2/aws"
awsv2SNS "github.com/aws/aws-sdk-go-v2/service/sns"
gof "github.com/awslabs/goformation/v5/cloudformation"
"github.com/rs/zerolog"
)
// SNSLambdaEventSourceResourceRequest defines the request properties to configure
// SNS
type SNSLambdaEventSourceResourceRequest struct {
CustomResourceRequest
LambdaTargetArn string
SNSTopicArn string
}
// SNSLambdaEventSourceResource is a simple POC showing how to create custom resources
type SNSLambdaEventSourceResource struct {
gof.CustomResource
}
func (command SNSLambdaEventSourceResource) updateRegistration(isTargetActive bool,
awsConfig awsv2.Config,
event *CloudFormationLambdaEvent,
logger *zerolog.Logger) (map[string]interface{}, error) {
request := SNSLambdaEventSourceResourceRequest{}
unmarshalErr := json.Unmarshal(event.ResourceProperties, &request)
if unmarshalErr != nil {
return nil, unmarshalErr
}
// Get the current subscriptions...
snsSvc := awsv2SNS.NewFromConfig(awsConfig)
snsInput := &awsv2SNS.ListSubscriptionsByTopicInput{
TopicArn: awsv2.String(request.SNSTopicArn),
}
listSubscriptions, listSubscriptionsErr := snsSvc.ListSubscriptionsByTopic(context.Background(), snsInput)
if listSubscriptionsErr != nil {
return nil, listSubscriptionsErr
}
var lambdaSubscriptionArn string
for _, eachSubscription := range listSubscriptions.Subscriptions {
if *eachSubscription.Protocol == "lambda" &&
*eachSubscription.Endpoint == request.LambdaTargetArn {
if lambdaSubscriptionArn != "" {
return nil, fmt.Errorf("multiple SNS %s registrations found for lambda: %s",
*snsInput.TopicArn,
request.LambdaTargetArn)
}
lambdaSubscriptionArn = *eachSubscription.SubscriptionArn
}
}
// Just log it...
logger.Info().
Interface("SNSTopicArn", request.SNSTopicArn).
Interface("LambdaArn", request.LambdaTargetArn).
Interface("ExistingSubscriptionArn", lambdaSubscriptionArn).
Msg("Current SNS subscription status")
var opErr error
if isTargetActive && lambdaSubscriptionArn == "" {
subscribeInput := &awsv2SNS.SubscribeInput{
Protocol: awsv2.String("lambda"),
TopicArn: awsv2.String(request.SNSTopicArn),
Endpoint: awsv2.String(request.LambdaTargetArn),
}
_, opErr = snsSvc.Subscribe(context.Background(), subscribeInput)
} else if !isTargetActive && lambdaSubscriptionArn != "" {
unsubscribeInput := &awsv2SNS.UnsubscribeInput{
SubscriptionArn: awsv2.String(lambdaSubscriptionArn),
}
_, opErr = snsSvc.Unsubscribe(context.Background(), unsubscribeInput)
} else {
// Just log it...
logger.Info().
Interface("Command", command).
Msg("No SNS operation required")
}
return nil, opErr
}
// IAMPrivileges returns the IAM privs for this custom action
func (command *SNSLambdaEventSourceResource) IAMPrivileges() []string {
return []string{"sns:ConfirmSubscription",
"sns:GetTopicAttributes",
"sns:ListSubscriptionsByTopic",
"sns:Subscribe",
"sns:Unsubscribe"}
}
// Create implements the custom resource create operation
func (command SNSLambdaEventSourceResource) Create(ctx context.Context, awsConfig awsv2.Config,
event *CloudFormationLambdaEvent,
logger *zerolog.Logger) (map[string]interface{}, error) {
return command.updateRegistration(true, awsConfig, event, logger)
}
// Update implements the custom resource update operation
func (command SNSLambdaEventSourceResource) Update(ctx context.Context, awsConfig awsv2.Config,
event *CloudFormationLambdaEvent,
logger *zerolog.Logger) (map[string]interface{}, error) {
return command.updateRegistration(true, awsConfig, event, logger)
}
// Delete implements the custom resource delete operation
func (command SNSLambdaEventSourceResource) Delete(ctx context.Context, awsConfig awsv2.Config,
event *CloudFormationLambdaEvent,
logger *zerolog.Logger) (map[string]interface{}, error) {
return command.updateRegistration(false, awsConfig, event, logger)
}