From a3d24103a38e63df0b13f88e24d74757dc54f9c1 Mon Sep 17 00:00:00 2001
From: "rapticore-cloud[bot]" <178840862+rapticore-cloud[bot]@users.noreply.github.com>
Date: Tue, 17 Dec 2024 02:56:49 +0000
Subject: [PATCH] Fix RCOR_AWS_115
---
 tailor.yaml | 1016 ++-------------------------------------------------
 1 file changed, 26 insertions(+), 990 deletions(-)
diff --git a/tailor.yaml b/tailor.yaml
index 145fccb..bbc9c65 100644
--- a/tailor.yaml
+++ b/tailor.yaml
@@ -1,3 +1,4 @@
+```yaml
 AWSTemplateFormatVersion: '2010-09-09'
 Transform: 'AWS::Serverless-2016-10-31'
 Description: Main Tailor service stack
@@ -241,6 +242,9 @@ Resources:
 Fn::GetAtt:
 - snsTopicsStack
 - Outputs.snsArnTalrClaRequest
+ Concurrency:
+ Limit: 100
+
 talrAccountupdateConfigrulesFunction:
 Type: AWS::Serverless::Function
 Properties:
@@ -265,6 +269,9 @@ Resources:
 Fn::GetAtt:
 - dynamodbTablesStack
 - Outputs.dynamodbTableNameTalrAccountInfo
+ Concurrency:
+ Limit: 100
+
 talrAccountupdateVpcflowlogsFunction:
 Type: AWS::Serverless::Function
 Properties:
@@ -289,6 +296,9 @@ Resources:
 Fn::GetAtt:
 - dynamodbTablesStack
 - Outputs.dynamodbTableNameTalrAccountInfo
+ Concurrency:
+ Limit: 100
+
 talrAccountupdateVpcdnsFunction:
 Type: AWS::Serverless::Function
 Properties:
@@ -313,6 +323,9 @@ Resources:
 Fn::GetAtt:
 - dynamodbTablesStack
 - Outputs.dynamodbTableNameTalrAccountInfo
+ Concurrency:
+ Limit: 100
+
 talrAccountupdateCloudtrailFunction:
 Type: AWS::Serverless::Function
 Properties:
@@ -337,6 +350,9 @@ Resources:
 Fn::GetAtt:
 - dynamodbTablesStack
 - Outputs.dynamodbTableNameTalrAccountInfo
+ Concurrency:
+ Limit: 100
+
 talrAccountupdateConfigFunction:
 Type: AWS::Serverless::Function
 Properties:
@@ -361,6 +377,9 @@ Resources:
 Fn::GetAtt:
 - dynamodbTablesStack
 - Outputs.dynamodbTableNameTalrAccountInfo
+ Concurrency:
+ Limit: 100
+
 talrAccountupdateCloudabilityFunction:
 Type: AWS::Serverless::Function
 Properties:
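Review bot: The line added at the top of the file in the `@@ -1,3 +1,4 @@` hunk is a Markdown code-fence opener (three backticks followed by `yaml`), not YAML, and it now precedes `AWSTemplateFormatVersion`, so the template will no longer parse as a CloudFormation/SAM document. It looks like formatting from whatever generated the patch leaked into the file; the line should be dropped so the file again starts with `AWSTemplateFormatVersion: '2010-09-09'`. Running `cfn-lint` or `sam validate` as a required check on bot-authored changes would catch this before merge.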
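Review bot: `Concurrency:` with a nested `Limit: 100` is not a property that `AWS::Serverless::Function` defines, so the block added in the `@@ -241,6 +242,9 @@` hunk (and repeated in the hunks at -265, -289, -313, -337, -361, -385 and at the tail of -409) will not cap concurrency and the finding it is meant to close stays open. Indentation is lost on this page, but in each hunk the block follows an `Fn::GetAtt` list at the tail of the preceding resource rather than that resource's `Properties`, so depending on nesting it is either rejected at validation or attached to something unrelated. The SAM property for this is `ReservedConcurrentExecutions: 100`, placed directly under each function's `Properties`. Reserved concurrency is taken out of the account's regional pool, so the sum across all functions should be checked against the account quota before using 100 everywhere.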
@@ -385,6 +404,9 @@ Resources:
 Fn::GetAtt:
 - dynamodbTablesStack
 - Outputs.dynamodbTableNameTalrAccountInfo
+ Concurrency:
+ Limit: 100
+
 talrAccountupdateMetadataFunction:
 Type: AWS::Serverless::Function
 Properties:
@@ -409,993 +431,7 @@ Resources: Fn::GetAtt: - dynamodbTablesStack - Outputs.dynamodbTableNameTalrAccountInfo - talrClaFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-cla", !Ref stage ] ] - Description: Invokes CLA call to create account - Runtime: python2.7 - CodeUri: ./sam/functions/talr-cla - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrCla - Events: - talrClaRequest: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrClaRequest - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_CLASTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrClaStatus - talrEntsupportFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-entsupport", !Ref stage ] ] - Description: Creates support case requesting Enterprise Support enablement - Runtime: python2.7 - CodeUri: ./sam/functions/talr-entsupport - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrEntsupport - Events: - talrDispatchRequest: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrDispatchRequest - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - talrAcmwhitelistFunction: - Type: AWS::Serverless::Function - Properties: - 
FunctionName: !Join [ "-", [ "talr-acmwhitelist", !Ref stage ] ] - Description: Creates support case requesting Enterprise Support enablement - Runtime: python2.7 - CodeUri: ./sam/functions/talr-acmwhitelist - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrAcmwhitelist - Events: - talrDispatchRequest: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrDispatchRequest - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - talrCloudabilityFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-cloudability", !Ref stage ] ] - Description: Provisions account in Cloudability - Runtime: python2.7 - CodeUri: ./sam/functions/talr-cloudability - Handler: handler.handler - MemorySize: 128 - Timeout: 300 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrCloudability - Events: - talrDispatchRequest: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrDispatchRequest - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - talrCloudtrailFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-cloudtrail", !Ref stage ] ] - Description: Configures AWS Cloudtrail service - Runtime: python2.7 - 
CodeUri: ./sam/functions/talr-cloudtrail - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrCloudtrail - Events: - talrDispatchRequest: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrDispatchRequest - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - talrConfigFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-config", !Ref stage ] ] - Description: Configures AWS Config service - Runtime: python2.7 - CodeUri: ./sam/functions/talr-config - Handler: handler.handler - MemorySize: 128 - Timeout: 180 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrConfig - Events: - talrDispatchRequest: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrDispatchRequest - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - talrConfigComplianceaggregatorFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-config-complianceaggregator", !Ref stage ] ] - Description: Config rules compliance aggregator - Runtime: python2.7 - CodeUri: ./sam/functions/talr-config-complianceaggregator - Handler: handler.handler - MemorySize: 128 - Timeout: 300 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack 
- - Outputs.iamRoleArnLambdaTalrConfigComplianceAggregator - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - talrConfigDeployrulefunctionsFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-config-deployrulefunctions", !Ref stage ] ] - Description: Deploys Lambda functions for custom Config Rules - Runtime: python2.7 - CodeUri: ./sam/functions/talr-config-deployrulefunctions - Handler: handler.handler - MemorySize: 128 - Timeout: 300 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrConfigDeploRuleFunctions - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - # talrConfigruleEc2noteinpublicsubnetFunction: - # Type: AWS::Serverless::Function - # Properties: - # FunctionName: !Join [ "-", [ "talr-configrule-ec2notinpublicsubnet", !Ref stage ] ] - # Description: Config Rule EC2 not in Pubic subnet - # Runtime: python2.7 - # CodeUri: ./sam/functions/talr-configrule-ec2notinpublicsubnet - # Handler: handler.handler - # MemorySize: 128 - # Timeout: 300 - # Role: - # Fn::GetAtt: - # - iamCoreFunctionsRolesStack - # - Outputs.iamRoleArnLambdaTalrConfigRuleEc2NotInPublicSubnet - # Environment: - # Variables: - # TAILOR_TABLENAME_CBINFO: - # Fn::GetAtt: - # - dynamodbTablesStack - # - Outputs.dynamodbTableNameTalrCbInfo - # TAILOR_TABLENAME_ACCOUNTINFO: - # Fn::GetAtt: - # - dynamodbTablesStack - # - Outputs.dynamodbTableNameTalrAccountInfo - talrCresourceSNSFunction: - Type: 
AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-cresource-sns", !Ref stage ] ] - Description: CFN Custom Resource Creates an SNS topic in the region specified. - Runtime: python2.7 - CodeUri: ./sam/functions/talr-cresource-sns - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrCresourceSns - talrDirectconnectFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-directconnect", !Ref stage ] ] - Description: Configures AWS Direct Connect - Runtime: python2.7 - CodeUri: ./sam/functions/talr-directconnect - Handler: handler.handler - MemorySize: 128 - Timeout: 120 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrDirectconnect - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - TAILOR_TABLENAME_DXINTERFACE: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrDxInterface - talrDirectorFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-director", !Ref stage ] ] - Description: Validates CLA completed successfully then invokes parallel service setup - Runtime: python2.7 - CodeUri: ./sam/functions/talr-director - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrDirector - Events: - talrClaResponse: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrClaResponse - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - 
Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - TAILOR_SNSARN_DISPATCH_REQUEST: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrDispatchRequest - talrIamFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-iam", !Ref stage ] ] - Description: Configures AWS IAM service - Runtime: python2.7 - CodeUri: ./sam/functions/talr-iam - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrIam - Events: - talrDispatchRequest: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrDispatchRequest - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - talrInquirerFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-inquirer", !Ref stage ] ] - Description: Lookup account info by requestId, emailId or accountId - Runtime: python2.7 - CodeUri: ./sam/functions/talr-inquirer - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrInquirer - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - 
Outputs.dynamodbTableNameTalrAccountInfo - talrLexAccountrequestFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-lex-accountrequest", !Ref stage ] ] - Description: Lex bot for account requests - Runtime: python2.7 - CodeUri: ./sam/functions/talr-lex-accountrequest - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrLexAccountRequest - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - talrNipapFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-nipap", !Ref stage ] ] - Description: Launches the NIPAP daemon for talr-vpc - Runtime: python2.7 - CodeUri: ./sam/functions/talr-nipap - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrNipap - Events: - talrDispatchRequest: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrDispatchRequest - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - TAILOR_TABLENAME_NIPAPCFN: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrNipapCfn - TAILOR_SNSARN_NIPAPCFN_RESPONSE: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrNipapCfnResponse - talrNotifyFunction: - Type: AWS::Serverless::Function - 
Properties: - FunctionName: !Join [ "-", [ "talr-notify", !Ref stage ] ] - Description: Creates SNOW request to provision AD distribution list - Runtime: python2.7 - CodeUri: ./sam/functions/talr-notify - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrNotify - Events: - talrNotifyRequest: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrNotifyRequest - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - # talrOpsDdbBackupsFunction: - # Type: AWS::Serverless::Function - # Properties: - # FunctionName: !Join [ "-", [ "talr-ops-ddb-backups", !Ref stage ] ] - # Description: Backs up Tailor's DDB tables - # Runtime: python2.7 - # CodeUri: ./sam/functions/talr-ops-ddb-backups - # Handler: handler.handler - # MemorySize: 128 - # Timeout: 60 - # Role: - # Fn::GetAtt: - # - iamCoreFunctionsRolesStack - # - Outputs.iamRoleArnLambdaTalrOpsDdbBackup - # Environment: - # Variables: - # TAILOR_TABLENAME_OPS: - # Fn::GetAtt: - # - dynamodbTablesStack - # - Outputs.dynamodbTableNameTalrOps - talrOpsSlackNotificationsFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-ops-slack-notifications", !Ref stage ] ] - Description: Tailor Ops notifications to Slack - Runtime: python2.7 - CodeUri: ./sam/functions/talr-ops-slack-notifications - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrOpsSlackNotifications - Events: - talrOpsNotifications: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - 
Outputs.snsArnTalrOpsNotifications - Environment: - Variables: - TAILOR_TABLENAME_OPS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrOps - talrPollAccountreconcileFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-poll-accountreconcile", !Ref stage ] ] - Description: Reconciles account status with AWS Organizations - Runtime: python2.7 - CodeUri: ./sam/functions/talr-poll-accountreconcile - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrPollAccountReconcile - Events: - dynamodbScaleUp: - Type: Schedule - Properties: - Schedule: cron(20 23 * * ? *) - Input: '{ "message": "scaleup" }' - accountReconcile: - Type: Schedule - Properties: - Schedule: cron(30 23 * * ? *) - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - talrPollAccountcomplianceFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-poll-accountcompliance", !Ref stage ] ] - Description: Applies account update APIs across all active accounts - Runtime: python2.7 - CodeUri: ./sam/functions/talr-poll-accountcompliance - Handler: handler.handler - MemorySize: 128 - Timeout: 300 - Tracing: Active - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrPollAccountCompliance - # Events: - # cloudtrail: - # Type: Schedule - # Properties: - # Schedule: cron(20 23 * * ? 
*) - # Input: '{ "api": "cloudtrail" }' - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - TAILOR_API_DOMAINNAME: !Ref apiDomainName - talrPollClaFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-poll-cla", !Ref stage ] ] - Description: Polls the talr-cla table for any new account requests - Runtime: python2.7 - CodeUri: ./sam/functions/talr-poll-cla - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrPollCla - Events: - schedule1m: - Type: Schedule - Properties: - Schedule: rate(1 minute) - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - TAILOR_TABLENAME_CLASTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrClaStatus - TAILOR_SNSARN_CLARESPONSE: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrClaResponse - talrPollConfigcomplianceFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-poll-configcompliance", !Ref stage ] ] - Description: Runs Config Compliance checker against all accounts - Runtime: python2.7 - CodeUri: ./sam/functions/talr-poll-configcompliance - Handler: handler.handler - MemorySize: 128 - Timeout: 120 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrPollConfigCompliance - Events: - schedule24h: - Type: Schedule - Properties: - Schedule: rate(24 hours) - Environment: - Variables: - 
TAILOR_API_DOMAINNAME: - !Ref apiDomainName - talrRequeststatusFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-requeststatus", !Ref stage ] ] - Description: Endpoint for request status - Runtime: python2.7 - CodeUri: ./sam/functions/talr-requeststatus - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrRequestStatus - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - # talrToolDxImportFunction: - # Type: AWS::Serverless::Function - # Properties: - # FunctionName: !Join [ "-", [ "talr-tool-dxImport", !Ref stage ] ] - # Description: Import DX VLANs - # Runtime: python2.7 - # CodeUri: ./sam/functions/talr-tool-dxImport - # Handler: handler.handler - # MemorySize: 128 - # Timeout: 300 - # Role: - # Fn::GetAtt: - # - iamCoreFunctionsRolesStack - # - Outputs.iamRoleArnLambdaTalrToolDxImport - talrValidatorFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-validator", !Ref stage ] ] - Description: Validates all tasks have completed then notifies notifier - Runtime: python2.7 - CodeUri: ./sam/functions/talr-validator - Handler: handler.handler - MemorySize: 128 - Timeout: 60 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrValidator - Events: - talrTaskStatusStream: - Type: DynamoDB - Properties: - Stream: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbStreamsTalrTaskStatus - StartingPosition: LATEST - BatchSize: 100 - talrAdSecGroupStream: - Type: DynamoDB - Properties: - Stream: - Fn::ImportValue: - !Sub 
"talr-${stage}-dynamodbStreamsTalrAdsecgroup" - StartingPosition: LATEST - BatchSize: 100 - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - TAILOR_TABLENAME_ADSECGROUP: - Fn::ImportValue: - !Sub "talr-${stage}-dynamodbTableNameTalrAdsecgroup" - TAILOR_SNSARN_NOTIFY_REQUEST: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrNotifyRequest - TAILOR_SNSARN_EVENTS_PUSH: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrEventsPush - talrVpcSecuritGroup: - Type: "AWS::EC2::SecurityGroup" - Properties: - GroupDescription: talr-vpc security group - VpcId: !Ref vpcId - talrVpcFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-vpc", !Ref stage ] ] - Description: Configures VPC service - Runtime: python2.7 - CodeUri: ./sam/functions/talr-vpc - Handler: handler.handler - MemorySize: 128 - Timeout: 300 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrVpc - Events: - talrNipapcfnResponse: - Type: SNS - Properties: - Topic: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrNipapCfnResponse - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_NIPAPCFN: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrNipapCfn - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - TAILOR_SNSARN_VPCCFN_RESPONSE: - Fn::GetAtt: - - snsTopicsStack - - Outputs.snsArnTalrVpcCfnResponse - VpcConfig: - 
SecurityGroupIds: - - !Ref talrVpcSecuritGroup - SubnetIds: !Ref applicationSubnetIds - talrVpcflowlogsFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-vpcflowlogs", !Ref stage ] ] - Description: Enables VPC Flow Logs - Runtime: python2.7 - CodeUri: ./sam/functions/talr-vpcflowlogs - Handler: handler.handler - MemorySize: 128 - Timeout: 300 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrVpcflowlogs - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - talrVpciamFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-vpciam", !Ref stage ] ] - Description: Set IAM permissions for VPC subnets - Runtime: python2.7 - CodeUri: ./sam/functions/talr-vpciam - Handler: handler.handler - MemorySize: 128 - Timeout: 120 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - Outputs.iamRoleArnLambdaTalrVpciam - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo - talrVpcdnsFunction: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join [ "-", [ "talr-vpcdns", !Ref stage ] ] - Description: Configures AWS VPC DNS for internal resolution - Runtime: python2.7 - CodeUri: ./sam/functions/talr-vpcdns - Handler: handler.handler - MemorySize: 128 - Timeout: 120 - Role: - Fn::GetAtt: - - iamCoreFunctionsRolesStack - - 
Outputs.iamRoleArnLambdaTalrVpcdns - Environment: - Variables: - TAILOR_TABLENAME_CBINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrCbInfo - TAILOR_TABLENAME_TASKSTATUS: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrTaskStatus - TAILOR_TABLENAME_ACCOUNTINFO: - Fn::GetAtt: - - dynamodbTablesStack - - Outputs.dynamodbTableNameTalrAccountInfo -Outputs: - dynamodbTableNameTalrCbInfo: - Description: talr-cbInfo DynamoDB table - Value: !GetAtt dynamodbTablesStack.Outputs.dynamodbTableNameTalrCbInfo - Export: - Name: !Sub "talr-${stage}-dynamodbTableNameTalrCbInfo" - dynamodbTableNameTalrTaskStatus: - Description: talr-taskStatus DynamoDB table - Value: !GetAtt dynamodbTablesStack.Outputs.dynamodbTableNameTalrTaskStatus - Export: - Name: !Sub "talr-${stage}-dynamodbTableNameTalrTaskStatus" - dynamodbTableNameTalrAccountInfo: - Description: talr-accountInfo DynamoDB table - Value: !GetAtt dynamodbTablesStack.Outputs.dynamodbTableNameTalrAccountInfo - Export: - Name: !Sub "talr-${stage}-dynamodbTableNameTalrAccountInfo" - snsArnTalrDispatchRequest: - Description: talr-dispatch-request SNS Topic Arn - Value: !GetAtt snsTopicsStack.Outputs.snsArnTalrDispatchRequest - Export: - Name: !Sub "talr-${stage}-snsArnTalrDispatchRequest" - snsArnTalrOpsNotifications: - Description: talr-ops-notifications SNS Topic Arn - Value: !GetAtt snsTopicsStack.Outputs.snsArnTalrOpsNotifications - Export: - Name: !Sub "talr-${stage}-snsArnTalrOpsNotifications" + Concurrency: + Limit: 100 + + talrCla \ No newline at end of file
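Review bot: The `@@ -409,993 +431,7 @@` hunk deletes 990 lines — every resource from `talrClaFunction` through `talrVpcdnsFunction`, the `talrVpcSecuritGroup` security group and the entire `Outputs` section — and the new file ends in a bare `talrCla` with no trailing newline, which reads as truncated generator output rather than an intended change. As written that last line will not parse as a key under `Resources`, and if a repaired version were deployed the stack update would remove the functions that set up CloudTrail, AWS Config and VPC Flow Logs for provisioned accounts, together with the exports (`talr-${stage}-dynamodbTableNameTalrCbInfo` and the others) that other stacks may import. The change for this finding should be limited to adding the concurrency setting to the existing functions, with the deleted block restored in full. A merge guard that rejects automated remediation PRs whose deletions far exceed what the finding requires would stop this class of regression.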