@@ -2,96 +2,13 @@ AWSTemplateFormatVersion: '2010-09-09'
22Transform : ' AWS::Serverless-2016-10-31'
33Description : ' Create pipeline-dashboard application.'
44Resources :
5- EventHandlerRole :
6- Type : AWS::IAM::Role
7- Properties :
8- RoleName : !Sub pipeline-dashboard-event-handler-role-${AWS::Region}
9- AssumeRolePolicyDocument :
10- Version : ' 2012-10-17'
11- Statement :
12- - Effect : Allow
13- Principal :
14- Service :
15- - lambda.amazonaws.com
16- Action :
17- - sts:AssumeRole
18- Path : /
19- Policies :
20- - PolicyName : ' cloudwatch-access'
21- PolicyDocument :
22- Version : ' 2012-10-17'
23- Statement :
24- - Effect : Allow
25- Resource : ' *'
26- Action :
27- - cloudwatch:PutMetricData
28- - PolicyName : ' codepipeline-access'
29- PolicyDocument :
30- Version : ' 2012-10-17'
31- Statement :
32- - Effect : Allow
33- Resource : ' *'
34- Action :
35- - codepipeline:ListPipelineExecutions
36- - PolicyName : ' logs-access'
37- PolicyDocument :
38- Version : ' 2012-10-17'
39- Statement :
40- - Effect : Allow
41- Resource : ' *'
42- Action :
43- - logs:CreateLogGroup
44- - logs:CreateLogStream
45- - logs:DescribeLogGroups
46- - logs:DescribeLogStreams
47- - logs:PutLogEvents
48- DashboardGeneratorRole :
49- Type : AWS::IAM::Role
50- Properties :
51- RoleName : !Sub pipeline-dashboard-generator-role-${AWS::Region}
52- AssumeRolePolicyDocument :
53- Version : ' 2012-10-17'
54- Statement :
55- - Effect : Allow
56- Principal :
57- Service :
58- - lambda.amazonaws.com
59- Action :
60- - sts:AssumeRole
61- Path : /
62- Policies :
63- - PolicyName : ' cloudwatch-access'
64- PolicyDocument :
65- Version : ' 2012-10-17'
66- Statement :
67- - Effect : Allow
68- Resource : ' *'
69- Action :
70- - cloudwatch:ListMetrics
71- - cloudwatch:GetDashboard
72- - cloudwatch:PutDashboard
73- - cloudwatch:DeleteDashboards
74- - PolicyName : ' logs-access'
75- PolicyDocument :
76- Version : ' 2012-10-17'
77- Statement :
78- - Effect : Allow
79- Resource : ' *'
80- Action :
81- - logs:CreateLogGroup
82- - logs:CreateLogStream
83- - logs:DescribeLogGroups
84- - logs:DescribeLogStreams
85- - logs:PutLogEvents
86- EventHandlerFunction :
5+ PipelineDashboardEventHandler :
876 Type : ' AWS::Serverless::Function'
887 Properties :
89- FunctionName : pipeline-dashboard-event-handler
908 Description : Create CloudWatch metrics from CodePipeline events
919 Handler : index.handlePipelineEvent
9210 Runtime : nodejs6.10
9311 CodeUri : .
94- Role : !GetAtt EventHandlerRole.Arn
9512 Events :
9613 PipelineEventRule :
9714 Type : CloudWatchEvent
@@ -103,10 +20,22 @@ Resources:
10320 - " CodePipeline Pipeline Execution State Change"
10421 - " CodePipeline Stage Execution State Change"
10522 - " CodePipeline Action Execution State Change"
106- DashboardGeneratorFunction :
23+ Policies :
24+ - Version : ' 2012-10-17'
25+ Statement :
26+ - Effect : Allow
27+ Resource : ' *'
28+ Action :
29+ - cloudwatch:PutMetricData
30+ - codepipeline:ListPipelineExecutions
31+ - logs:CreateLogGroup
32+ - logs:CreateLogStream
33+ - logs:DescribeLogGroups
34+ - logs:DescribeLogStreams
35+ - logs:PutLogEvents
36+ PipelineDashboardGenerator :
10737 Type : ' AWS::Serverless::Function'
10838 Properties :
109- FunctionName : pipeline-dashboard-generator
11039 Description : Build CloudWatch dashboard from CloudWatch metrics
11140 Handler : index.generateDashboard
11241 Runtime : nodejs6.10
@@ -118,3 +47,18 @@ Resources:
11847 Type : Schedule
11948 Properties :
12049 Schedule : " cron(*/5 * * * ? *)"
50+ Policies :
51+ - Version : ' 2012-10-17'
52+ Statement :
53+ - Effect : Allow
54+ Resource : ' *'
55+ Action :
56+ - cloudwatch:ListMetrics
57+ - cloudwatch:GetDashboard
58+ - cloudwatch:PutDashboard
59+ - cloudwatch:DeleteDashboards
60+ - logs:CreateLogGroup
61+ - logs:CreateLogStream
62+ - logs:DescribeLogGroups
63+ - logs:DescribeLogStreams
64+ - logs:PutLogEvents
0 commit comments