AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: "Template to set up Kinesis stream, Lambda functions, S3 bucket, DynamoDB table and related IAM roles for AWS Lambda Real-time Stream Processing Reference Architecture. PLEASE NOTE: The CloudFormation Stack Name must be all lowercase as it is used as part of the S3 bucket name. Otherwise the stack creation will fail."
Parameters:
LambdaS3Bucket:
Type: String
Default: awslambda-reference-architectures
Description: Name of S3 bucket where Lambda function packages are stored.
LambdaDDBEventProcessorS3Key:
Type : String
Default : stream-processing/ddb_eventprocessor.zip
Description : Name of S3 key for Zip with Stream Processing DynamoDB Event Processor Lambda function package.
LambdaDDBEventProcessorHandler:
Type : String
Default : ddb_eventprocessor.handler
Description : Name of handler for Stream Processing DynamoDB Event Processor Lambda function.
Resources:
EventStream:
Type: 'AWS::Kinesis::Stream'
Properties:
ShardCount: 1
DDBEventProcessor:
Type: 'AWS::Serverless::Function'
Properties:
Description: Stream Processing DDB Event Processor
Handler: !Ref LambdaDDBEventProcessorHandler
MemorySize: 128
Role: !GetAtt
- EventProcessorExecutionRole
- Arn
Timeout: 10
Runtime: nodejs6.10
CodeUri:
Bucket: !Ref LambdaS3Bucket
Key: !Ref LambdaDDBEventProcessorS3Key
Events:
Stream:
Type: Kinesis
Properties:
Stream: !GetAtt EventStream.Arn
StartingPosition: TRIM_HORIZON
BatchSize: 25
EventDataTable:
Type: 'AWS::DynamoDB::Table'
Properties:
AttributeDefinitions:
- AttributeName: Username
AttributeType: S
- AttributeName: Id
AttributeType: S
KeySchema:
- AttributeName: Username
KeyType: HASH
- AttributeName: Id
KeyType: RANGE
ProvisionedThroughput:
ReadCapacityUnits: '1'
WriteCapacityUnits: '1'
TableName: !Join
- ''
- - !Ref 'AWS::StackName'
- '-EventData'
EventProcessorExecutionRole:
Type: 'AWS::IAM::Role'
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
Action:
- 'sts:AssumeRole'
Path: /
Policies:
- PolicyName: EventProcessorExecutionPolicy
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- 'logs:*'
Resource: 'arn:aws:logs:*:*:*'
- Effect: Allow
Action:
- 'dynamodb:BatchWriteItem'
Resource: !Join
- ''
- - 'arn:aws:dynamodb:'
- !Ref 'AWS::Region'
- ':'
- !Ref 'AWS::AccountId'
- ':table/'
- !Ref 'AWS::StackName'
- '-EventData'
ManagedPolicyArns:
- 'arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole'
streamprocessingclient:
Type: 'AWS::IAM::User'
ClientPolicy:
Type: 'AWS::IAM::Policy'
Properties:
PolicyName: StreamProcessingClientPolicy
PolicyDocument:
Statement:
- Effect: Allow
Action:
- 'kinesis:Put*'
Resource: !Join
- ''
- - 'arn:aws:kinesis:'
- !Ref 'AWS::Region'
- ':'
- !Ref 'AWS::AccountId'
- ':stream/'
- !Ref EventStream
Users:
- !Ref streamprocessingclient
ClientKeys:
Type: 'AWS::IAM::AccessKey'
Properties:
UserName: !Ref streamprocessingclient
Outputs:
AccessKeyId:
Value: !Ref ClientKeys
Description: AWS Access Key Id of stream processing client user
SecretAccessKey:
Value: !GetAtt
- ClientKeys
- SecretAccessKey
Description: AWS Secret Key of stream processing client user
KinesisStream:
Value: !Ref EventStream
Description: The Kinesis stream used for ingestion.
Region:
Value: !Ref 'AWS::Region'
Description: The region this template was launched in.
[嗨,这是我的cloudformation模板,应该创建Kinesis流
创建一个名为-EventData的DynamoDB表
创建Lambda函数1(-DDBEventProcessor),该函数从Kinesis接收记录并将记录写入DynamoDB表中
创建一个IAM角色和策略以允许从Kinesis Stream读取事件处理Lambda函数并写入DynamoDB表
创建一个具有将事件放入Kinesis流中的权限的IAM用户,以及该用户在API客户端中使用的凭据
但是我遇到了错误,ROLLBACK_COMPLETE,如果需要任何更改,请提出建议。谢谢。
[cfn-lint警告:
E2531: Deprecated runtime (nodejs6.10) specified. Updating disabled since 2019-06-30, please consider to update to nodejs10.x