|
| 1 | +# This AWS SAM template has been generated from your function's configuration. If |
| 2 | +# your function has one or more triggers, note that the AWS resources associated |
| 3 | +# with these triggers aren't fully specified in this template and include |
| 4 | +# placeholder values. Open this template in AWS Infrastructure Composer or your |
| 5 | +# favorite IDE and modify it to specify a serverless application with other AWS |
| 6 | +# resources. |
| 7 | +AWSTemplateFormatVersion: '2010-09-09' |
| 8 | +Transform: AWS::Serverless-2016-10-31 |
| 9 | +Description: An AWS Serverless Application Model template describing your function. |
| 10 | +Resources: |
| 11 | + AnalyticsQueryHandler: |
| 12 | + Type: AWS::Serverless::Function |
| 13 | + Properties: |
| 14 | + CodeUri: . |
| 15 | + Description: >- |
| 16 | + Powers the analytics dashboard. Fetches public tender stats from RDS and |
| 17 | + calls external APIs based on an X-User-ID header to return tailored data |
| 18 | + for standard or super users. |
| 19 | + MemorySize: 128 |
| 20 | + Timeout: 60 |
| 21 | + Handler: lambda_function.lambda_handler |
| 22 | + Runtime: python3.9 |
| 23 | + Architectures: |
| 24 | + - x86_64 |
| 25 | + EphemeralStorage: |
| 26 | + Size: 512 |
| 27 | + Environment: |
| 28 | + Variables: |
| 29 | + DB_ENDPOINT: tender-tool-db.c2hq4seoidxc.us-east-1.rds.amazonaws.com |
| 30 | + DB_NAME: tendertool_db |
| 31 | + DB_PASSWORD: T3nder$Tool_DB_2025! |
| 32 | + DB_USER: AnalyticsAppUser |
| 33 | + EventInvokeConfig: |
| 34 | + MaximumEventAgeInSeconds: 21600 |
| 35 | + MaximumRetryAttempts: 2 |
| 36 | + Layers: |
| 37 | + - !Ref Layer1 |
| 38 | + PackageType: Zip |
| 39 | + Policies: |
| 40 | + - Statement: |
| 41 | + - Effect: Allow |
| 42 | + Action: |
| 43 | + - rds-db:connect |
| 44 | + Resource: >- |
| 45 | + arn:aws:rds-db:us-east-1:211635102441:dbuser:prx-XXXXXXXXXXXXXXXXX/AnalyticsLambdaExecutionRole |
| 46 | + - Sid: AWSLambdaVPCAccessExecutionPermissions |
| 47 | + Effect: Allow |
| 48 | + Action: |
| 49 | + - logs:CreateLogGroup |
| 50 | + - logs:CreateLogStream |
| 51 | + - logs:PutLogEvents |
| 52 | + - ec2:CreateNetworkInterface |
| 53 | + - ec2:DescribeNetworkInterfaces |
| 54 | + - ec2:DescribeSubnets |
| 55 | + - ec2:DeleteNetworkInterface |
| 56 | + - ec2:AssignPrivateIpAddresses |
| 57 | + - ec2:UnassignPrivateIpAddresses |
| 58 | + Resource: '*' |
| 59 | + - Effect: Allow |
| 60 | + Action: |
| 61 | + - logs:CreateLogGroup |
| 62 | + - logs:CreateLogStream |
| 63 | + - logs:PutLogEvents |
| 64 | + Resource: '*' |
| 65 | + RecursiveLoop: Terminate |
| 66 | + SnapStart: |
| 67 | + ApplyOn: None |
| 68 | + Events: |
| 69 | + Api1: |
| 70 | + Type: Api |
| 71 | + Properties: |
| 72 | + Path: /analytics |
| 73 | + Method: ANY |
| 74 | + RuntimeManagementConfig: |
| 75 | + UpdateRuntimeOn: Auto |
| 76 | + # This resource represents your Layer with name analytics-layer. To download |
| 77 | +# the content of your Layer, go to |
| 78 | +# |
| 79 | +# aws.amazon.com/go/view?arn=arn%3Aaws%3Alambda%3Aus-east-1%3A211635102441%3Alayer%3Aanalytics-layer%3A2&source=lambda |
| 80 | + Layer1: |
| 81 | + Type: AWS::Serverless::LayerVersion |
| 82 | + Properties: |
| 83 | + ContentUri: ./analytics-layer |
| 84 | + LayerName: analytics-layer |
| 85 | + CompatibleRuntimes: |
| 86 | + - python3.9 |
0 commit comments