nimblehq · longnd · Oct 16, 2023 · Oct 16, 2023 · Oct 17, 2023
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup node and restore cached dependencies
         uses: actions/setup-node@v3
@@ -29,7 +29,7 @@ jobs:
       - name: Setup Terraform
         uses: hashicorp/setup-terraform@v2
         with:
-          terraform_version: 1.5.5
+          terraform_version: 1.6.1
 
       - name: Terraform fmt
         run: terraform fmt -check -recursive
@@ -16,7 +16,7 @@ jobs:
 
     steps:
       - name: Checkout the repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.head_ref }}
 

@@ -13,7 +13,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup Node
         uses: actions/setup-node@v3

@@ -14,7 +14,7 @@ jobs:
 
     steps:
       - name: Checkout the repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup Node
         uses: actions/setup-node@v3

@@ -1,2 +1,2 @@
 nodejs 18.12.1
-terraform 1.5.5
+terraform 1.6.1
@@ -0,0 +1,53 @@
+data "aws_iam_policy_document" "sns_platform_assume_role_policy" {
+  statement {
+    sid     = "SnsPlatformAssumeRolePolicy"
+    effect  = "Allow"
+    actions = ["sts:AssumeRole"]
+
+    principals {
+      type        = "Service"
+      identifiers = ["sns.amazonaws.com"]
+    }
+  }
+}
+
+data "aws_iam_policy_document" "sns_platform_log_policy" {
+  statement {
+    sid    = "LogMobilePushNotificationsPolicy"
+    effect = "Allow"
+
+    actions = [
+      "logs:CreateLogGroup",
+      "logs:CreateLogStream",
+      "logs:PutLogEvents",
+      "logs:PutMetricFilter",
+      "logs:PutRetentionPolicy"
+    ]
+
+    resources = ["*"]
+  }
+}
+
+resource "aws_iam_role" "sns_platform_role" {
+  name = "${var.namespace}-sns-platform-log-role"
+
+  assume_role_policy = data.aws_iam_policy_document.sns_platform_assume_role_policy.json
+}
+
+resource "aws_iam_policy" "sns_platform_log_policy" {
+  name   = "${var.namespace}-platform-log-policy"
+  policy = data.aws_iam_policy_document.sns_platform_log_policy.json
+}
+
+resource "aws_iam_role_policy_attachment" "sns_platform_log_policy" {
+  role       = aws_iam_role.sns_platform_role.name
+  policy_arn = aws_iam_policy.sns_platform_log_policy.arn
+}
+
+resource "aws_sns_platform_application" "mobile_push_notifications" {
+  name                      = "${var.namespace}-mobile-push-notifications"
+  platform                  = "GCM"
+  failure_feedback_role_arn = aws_iam_role.sns_platform_role.arn
+  success_feedback_role_arn = aws_iam_role.sns_platform_role.arn
+  platform_credential       = var.firebase_cloud_messaging_api_key
+}
@@ -0,0 +1,4 @@
+output "aws_sns_plaform_mobile_push_notifications_arn" {
+  description = "ARN of SNS Plaform for mobile push notifications"
+  value       = aws_sns_platform_application.mobile_push_notifications.arn
+}
@@ -0,0 +1,9 @@
+variable "namespace" {
+  description = "The namespace with environment for SNS"
+  type        = string
+}
+
+variable "firebase_cloud_messaging_api_key" {
+  description = "Application Platform API key for FCM"
+  type        = string
+}
@@ -4,7 +4,7 @@ on:
   push:
 
 env:
-  TERRAFORM_VERSION: "1.5.5"
+  TERRAFORM_VERSION:"1.6.1"
   TFSEC_VERSION: "v1.28.1"
 
 concurrency:

@@ -1,2 +1,2 @@
-terraform 1.5.5
+terraform 1.6.1
 tfsec 1.28.1
@@ -1,4 +1,4 @@
 terraform {
   # Terraform version
-  required_version = "1.5.5"
+  required_version = "1.6.1"
 }
@@ -1,4 +1,4 @@
 terraform {
   # Terraform version
-  required_version = "1.5.5"
+  required_version ="1.6.1"
 }