-
Notifications
You must be signed in to change notification settings - Fork 0
/
template.yml
59 lines (59 loc) · 1.72 KB
/
template.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Sends money to ILP addresses
Parameters:
ILPSecurityGroup:
Type: String
Description: The security group that the lambda should be part of to access the ILP connector
ILPSubnet:
Type: String
Description: The subnet that the lambda should have to access the ILP connector
MongoUri:
Type: AWS::SSM::Parameter::Value<String>
Default: '/api/db/mongo_uri'
IlpAddress:
Type: AWS::SSM::Parameter::Value<String>
Default: '/lambda/ilp/internal_lb_address'
Resources:
ILPPayoutSenderDeadLetterQueue:
Type: AWS::SQS::Queue
ILPPayoutSenderQueue:
Type: AWS::SQS::Queue
Properties:
QueueName: ilp-payout-sender-input
RedrivePolicy:
deadLetterTargetArn: !GetAtt ILPPayoutSenderDeadLetterQueue.Arn
maxReceiveCount: 3
VisibilityTimeout: 960
ILPPayoutSenderFunction:
Type: AWS::Serverless::Function
Properties:
Timeout: 900
Handler: index.handler
Runtime: nodejs12.x
CodeUri: ./
VpcConfig:
SecurityGroupIds:
- !Ref ILPSecurityGroup
SubnetIds:
- !Ref ILPSubnet
Events:
ILPPayoutSenderEvent:
Type: SQS
Properties:
Queue: !GetAtt ILPPayoutSenderQueue.Arn
BatchSize: 1
Policies:
- AmazonSQSFullAccess
- AmazonDynamoDBFullAccess
- AWSLambdaVPCAccessExecutionRole
- Statement:
- Effect: Allow
Action:
- 'kms:Decrypt'
- 'kms:ListKeys'
Resource: '*'
Environment:
Variables:
MONGO_URI: !Ref MongoUri
ILP_CONNECTOR_ADDRESS: !Ref IlpAddress