sosw_scheduler example

docs/installation.rst

@@ -17,8 +17,17 @@ Steps
 
 Setup AWS Account
 -----------------
-As an AWS Lambda Serverless implementation deployment should be done in an AWS account. To setup a new account, follow
-the `AWS Documentation <https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/>`_
+``sosw`` implementation currently supports only AWS infrastructure. If you are running production operations on AWS,
+we highly recommend setting up a standalone account for your first experiments with ``sosw``.
+`AWS Organisations <https://aws.amazon.com/organizations/>`_ now provide an easy way to set sub-accounts from
+the primary one.
+
+To setup a completely isolated new account, follow the
+`AWS Documentation <https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/>`_
+
+We shall require several services, but they are all supposed to fit in the
+`AWS Free Tier. <https://aws.amazon.com/free/>`_ As long as the resources are created using CloudFormation,
+once you delete the stacks - the related resources will also be deleted automatically to avoid unnecessary charges.
 
 
 Provision Required AWS Resources

examples/essentials/sosw_scheduler/app.py

@@ -0,0 +1,18 @@
+"""Sosw Essential Scheduler
+"""
+
+import logging
+
+from sosw.scheduler import Scheduler
+from sosw.app import LambdaGlobals, get_lambda_handler
+
+logger = logging.getLogger()
+logger.setLevel(logging.INFO)
+
+
+class Essential(Scheduler):
+    pass
+
+
+global_vars = LambdaGlobals()
+lambda_handler = get_lambda_handler(Essential, global_vars)

examples/essentials/sosw_scheduler/requirements.txt

@@ -0,0 +1 @@
+sosw

examples/essentials/sosw_scheduler/sosw-scheduler.yaml

@@ -0,0 +1,119 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: "sosw_scheduler"
+
+Parameters:
+  ExecutionPolicy:
+    Description: "Managed execution policy for sosw lambdas."
+    Type: String
+    Default: 'AWSLambdaBasicExecutionRole'
+
+  ConfigTableName:
+    Description: "Config Table."
+    Type: String
+    Default: 'config'
+
+Resources:
+
+  LambdaSoswSchedulerRole:
+    Type: "AWS::IAM::Role"
+    Properties:
+      AssumeRolePolicyDocument:
+        Version: "2012-10-17"
+        Statement:
+        - Effect: Allow
+          Principal:
+            Service:
+            - "lambda.amazonaws.com"
+          Action:
+          - "sts:AssumeRole"
+      Path: "/"
+      ManagedPolicyArns:
+        - !Sub "arn:aws:iam::aws:policy/service-role/${ExecutionPolicy}"
+
+      Policies:
+      - PolicyName: "SoswSchedulerPermissions"
+        PolicyDocument:
+          Version: "2012-10-17"
+          Statement:
+
+          - Effect: "Allow"
+            Action: "dynamodb:*"
+            Resource:
+#              - !Sub "arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}/table/${Fn::ImportValue: 'sosw-ddb-tasks'}/*"
+              - Fn::Join:
+                - ':'
+                - - !Sub "arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}"
+                  - Fn::Join:
+                    - '/'
+                    - - "table"
+                      - Fn::ImportValue: "sosw-ddb-tasks"
+                      - "*"
+              - Fn::Join:
+                - ':'
+                - - "arn:aws:dynamodb"
+                  - !Ref AWS::Region
+                  - !Ref AWS::AccountId
+                  - Fn::Join:
+                    - '/'
+                    - - "table"
+                      - Fn::ImportValue: "sosw-ddb-tasks"
+
+# You can provide access explicitly here, but we normally recommend keeping it in the Custom policy of ConfigTable.
+# See examples/yaml/sosw-shared-dynamodb.yaml
+          - Effect: "Allow"
+            Action:
+              - "dynamodb:Query"
+              - "dynamodb:DescribeTable"
+            Resource:
+              - !Sub "arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${ConfigTableName}"
+
+      RoleName: "lambda_sosw_scheduler"
+
+
+#################################
+# Lambda Function for Essential #
+#################################
+  LambdaSoswScheduler:
+    Type: "AWS::Lambda::Function"
+    Properties:
+      Code:
+        S3Bucket: !Sub "sosw-s3-${AWS::AccountId}"
+        S3Key: "sosw/packages/sosw_scheduler.zip"
+      Description: "ABS. CloudFormation managed sosw Scheduler."
+      FunctionName: "sosw_scheduler"
+      Handler: "app.lambda_handler"
+      MemorySize: 1024
+      Role: !GetAtt LambdaSoswSchedulerRole.Arn
+      Runtime: "python3.7"
+      Timeout: 900
+
+      Tags:
+       -
+         Key: 'Environment'
+         Value: 'dev'
+
+
+##############################################
+# Permissions for CloudWatch ScheduledEvents #
+# The actual Rules are configured in the     #
+# scheduled-rules.yaml template.             #
+##############################################
+  PermissionForEventsToInvokeLambdaSoswScheduler:
+    Type: "AWS::Lambda::Permission"
+    Properties:
+      FunctionName:
+        Ref: "LambdaSoswScheduler"
+      Action: "lambda:InvokeFunction"
+      Principal: "events.amazonaws.com"
+
+
+#############################################
+# Export Values to CloudFormation Namespace #
+#############################################
+Outputs:
+
+  LambdaSoswScheduler:
+    Description: "Sosw Scheduler Essential"
+    Value: !Ref LambdaSoswScheduler
+    Export:
+      Name: "sosw-lambda-scheduler"