templates/rewatch_aws.yml

---
AWSTemplateFormatVersion: '2010-09-09'


Description: |
  AWS resources for rewatch application
Parameters:

  lambdaExecutionRoleName:
    Type: String
    Default: rewatch_lambda_role

  lambdaMemorySize:
    Type: Number
    Default: 256
    MinValue: 64
    MaxValue: 10240

  lambdaTimeout:
    Type: Number
    Default: 10
    MinValue: 1
    MaxValue: 900

  projectName:
    Type: String
    Default: rewatch

  pythonRuntime:
    Type: String
    Default: python3.11


Resources:

  multiProjectTable:
    Type: 'AWS::DynamoDB::Table'
    Properties:
      AttributeDefinitions:
        -
          AttributeName: 'PK'
          AttributeType: 'S'
        -
          AttributeName: 'SK'
          AttributeType: 'S'

      #On demand dynamodb
      BillingMode: PAY_PER_REQUEST
      KeySchema:
        -
          AttributeName: 'PK'
          KeyType: 'HASH'
        -
          AttributeName: 'SK'
          KeyType: 'RANGE'
      #Automated backup for the last 35 days
      PointInTimeRecoverySpecification: 
        PointInTimeRecoveryEnabled: true

      SSESpecification:
          SSEEnabled: true
      TableName: !Sub '${projectName}_shared_table'

  artifactBucket:
    Type: 'AWS::S3::Bucket'
    Properties:
      BucketName: !Sub ${projectName}-app-artifacts


  lambdaPythonFunction:
    Type: AWS::Lambda::Function
    Properties: 

      Code:
        S3Bucket: !Ref artifactBucket
        S3Key: !Sub ${projectName}/${projectName}_deployment_package.zip

      Description: !Sub 'Batch lambda invokation ${projectName}'

      FunctionName: !Sub ${projectName}-handler
      Handler: !Sub ${projectName}_handler.${projectName}_external

      MemorySize: !Ref lambdaMemorySize
      PackageType: Zip
      Role: !Sub arn:aws:iam::${AWS::AccountId}:role/${lambdaExecutionRoleName}
      Runtime: !Ref pythonRuntime
      Timeout: !Ref lambdaTimeout
      TracingConfig: 
        Mode: Active


  errorAlertTopic:
    Type: AWS::SNS::Topic
    Properties:
      TopicName: !Sub ${projectName}-error-topic

  lambdaErrorAlarm:
    Type: AWS::CloudWatch::Alarm
    Properties:
      #SNS topic arn to publish to if number of lambda errors is
      #greater than 0
      AlarmActions: 
        - !Ref errorAlertTopic
      AlarmDescription: !Sub ${projectName} Lambda Error alert
      AlarmName: !Sub ${projectName}-handler-error
      ComparisonOperator: GreaterThanThreshold
      EvaluationPeriods: 1
      Dimensions:
        - Name: FunctionName
          Value: !Sub ${projectName}-handler
      Namespace: AWS/Lambda
      MetricName: Errors      
      Statistic: Sum
      Period: 7200
      #dont want any greater than 0 errors
      Threshold: 0


  lambdaBatchTrigger: 
    Type: AWS::Events::Rule
    Properties: 
      Description: !Sub Triggers lambda function ${projectName}-handler 
      # 22:00 pm UTC+0 every day
      ScheduleExpression: cron(0 22 ? * * *)
      State: ENABLED
      Targets: 
        - 
          Arn: !GetAtt lambdaPythonFunction.Arn
          Id: !Sub ${projectName}EventTrigger

  permissionForEventsToInvokeLambda: 
    Type: AWS::Lambda::Permission
    Properties: 
      FunctionName: !Ref lambdaPythonFunction
      Action: lambda:InvokeFunction
      Principal: events.amazonaws.com
      SourceArn: !GetAtt lambdaBatchTrigger.Arn