Add CloudWatch Logs putMetricFilter

Also improve the README and upgrade existing functions to nodejs4.3
2016-05-09 16:13:01 -04:00 · 2016-05-09 16:13:01 -04:00 · e4c8b2bf62
commit e4c8b2bf62
parent d8c56ebde8
2 changed files with 107 additions and 5 deletions
--- a/README.md
+++ b/README.md
@ -66,6 +66,33 @@ general manner - much the same way CloudFormation itself has permission to do al
   ```


+## Warning
+If you update your helper stack, all client stacks (i.e. other stacks that use the helpers) will be okay
+after the new version is deployed. But some helpers rely on stored data to do the delete when the client
+stack is deleted. This is stored in a DynamoDB table and will get blown away when you delete-then-recreate
+the helper stack. You can get around this by updating the stack instead of tearing it down and recreating
+it. But it's probably a good idea to export the helper's DynamoDB table so you have a backup. If you lose
+the data, when you tear down client stacks, you may have to manually delete some resources created by the
+helpers.
+
+
+## Steps for adding a new included function
+1a. If a file already exists for the AWS service in the [aws directory](aws), add the code there.
+1b. If not, create a new file for the AWS service.
+2.  Add a new class that implements base.Handler for the new functionality. In most cases, it will be sufficient
+    to pass all parameters (other than ServiceToken through to the AWS client).
+2a. If the 'delete' can't be implemented using the 'create' parameters, make sure the 'create' returns all
+    necessary data needed for the 'delete' (such as unknowable ids); these will be stored in DynamoDB for future
+    reference in the 'delete'.
+3.  Add a new export method that calls the new class.
+4.  Add two new Resources to the [create_cloudformation_helper_functions.template](create_cloudformation_helper_functions.template):
+  a. The Role for the new function.
+  b. The function itself (referencing the new method from #3).
+5.  Add an output for the function ARN to the template.
+6.  Add an example template to the [test directory](test/aws).
+7.  Update the [README](README.md) to explain the new helper function.
+
+
 ## Included functions

 ### Create a full API in API Gateway
@ -194,6 +221,22 @@ KinesisCreateStreamFunctionArn
 [kinesis.createStream.template](test/aws/kinesis.createStream.template)


+### Put CloudWatch Logs Metric Filter
+
+Mirrors the [CloudWatchLogs.putMetricFilter API method](http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CloudWatchLogs.html#putMetricFilter-property).
+
+This will delete the metric filter when the corresponding stack is deleted.
+
+#### Parameters
+Exactly the same as the documentation above.
+
+#### Reference Output Name
+CloudWatchLogsPutMetricFilterFunctionArn
+
+#### Example/Test Template
+[cloudWatchLogs.putMetricFilter.template](test/aws/cloudWatchLogs.putMetricFilter.template)
+
+
 ### Put S3 Objects

 Mirrors the [S3.putObject API method](http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#putObject-property).
--- a/create_cloudformation_helper_functions.template
+++ b/create_cloudformation_helper_functions.template
@ -99,13 +99,68 @@
        "Description": "Used to create a full API in Api Gateway.",
        "Handler": "aws/apiGateway.createApi",
        "Role": {"Fn::GetAtt" : [ "ApiGatewayCreateApiFunctionRole", "Arn" ] },
-        "Runtime": "nodejs",
+        "Runtime": "nodejs4.3",
        "Timeout": 30
      },
      "DependsOn": [
        "ApiGatewayCreateApiFunctionRole"
      ]
    },
+    "CloudWatchLogsPutMetricFilterFunctionRole": {
+      "Type": "AWS::IAM::Role",
+      "Properties": {
+        "AssumeRolePolicyDocument": {
+          "Version" : "2012-10-17",
+          "Statement": [
+            {
+              "Effect": "Allow",
+              "Principal": {
+                "Service": [ "lambda.amazonaws.com" ]
+              },
+              "Action": [ "sts:AssumeRole" ]
+            }
+          ]
+        },
+        "ManagedPolicyArns": [
+          { "Ref": "RoleBasePolicy" }
+        ],
+        "Policies": [
+          {
+            "PolicyName": "LogFilterCreator",
+            "PolicyDocument": {
+              "Version" : "2012-10-17",
+              "Statement": [
+                {
+                  "Effect": "Allow",
+                  "Action": [
+                    "logs:DeleteMetricFilter",
+                    "logs:PutMetricFilter"
+                  ],
+                  "Resource": "*"
+                }
+              ]
+            }
+          }
+        ]
+      }
+    },
+    "CloudWatchLogsPutMetricFilterFunction": {
+      "Type": "AWS::Lambda::Function",
+      "Properties": {
+        "Code": {
+          "S3Bucket": "com.gilt.public.backoffice",
+          "S3Key": "lambda_functions/cloudformation-helpers.zip"
+        },
+        "Description": "Used to populate a DynamoDB database from CloudFormation",
+        "Handler": "aws/cloudWatchLogs.putMetricFilter",
+        "Role": {"Fn::GetAtt" : [ "CloudWatchLogsPutMetricFilterFunctionRole", "Arn" ] },
+        "Runtime": "nodejs4.3",
+        "Timeout": 30
+      },
+      "DependsOn": [
+        "CloudWatchLogsPutMetricFilterFunctionRole"
+      ]
+    },
    "DynamoDBPutItemsFunctionRole": {
      "Type": "AWS::IAM::Role",
      "Properties": {
@ -155,7 +210,7 @@
        "Description": "Used to populate a DynamoDB database from CloudFormation",
        "Handler": "aws/dynamo.putItems",
        "Role": {"Fn::GetAtt" : [ "DynamoDBPutItemsFunctionRole", "Arn" ] },
-        "Runtime": "nodejs",
+        "Runtime": "nodejs4.3",
        "Timeout": 30
      },
      "DependsOn": [
@ -211,7 +266,7 @@
        "Description": "Used to create a Kinesis stream",
        "Handler": "aws/kinesis.createStream",
        "Role": {"Fn::GetAtt" : [ "KinesisCreateStreamFunctionRole", "Arn" ] },
-        "Runtime": "nodejs",
+        "Runtime": "nodejs4.3",
        "Timeout": 180
      },
      "DependsOn": [
@ -267,7 +322,7 @@
        "Description": "Used to put objects into S3.",
        "Handler": "aws/s3.putObject",
        "Role": {"Fn::GetAtt" : [ "S3PutObjectFunctionRole", "Arn" ] },
-        "Runtime": "nodejs",
+        "Runtime": "nodejs4.3",
        "Timeout": 30
      },
      "DependsOn": [
@ -322,7 +377,7 @@
        "Description": "Used to subscribe to existing SNS topics.",
        "Handler": "aws/sns.subscribe",
        "Role": {"Fn::GetAtt" : [ "SnsSubscribeFunctionRole", "Arn" ] },
-        "Runtime": "nodejs",
+        "Runtime": "nodejs4.3",
        "Timeout": 30
      },
      "DependsOn": [
@ -335,6 +390,10 @@
      "Description": "The ARN of the ApiGatewayCreateApiFunction, for use in other CloudFormation templates.",
      "Value": { "Fn::GetAtt" : ["ApiGatewayCreateApiFunction", "Arn"] }
    },
+    "CloudWatchLogsPutMetricFilterFunctionArn": {
+      "Description": "The ARN of the CloudWatchLogsPutMetricFilterFunction, for use in other CloudFormation templates.",
+      "Value": { "Fn::GetAtt" : ["CloudWatchLogsPutMetricFilterFunction", "Arn"] }
+    },
    "DynamoDBPutItemsFunctionArn": {
      "Description": "The ARN of the DynamoDBPutItemsFunction, for use in other CloudFormation templates.",
      "Value": { "Fn::GetAtt" : ["DynamoDBPutItemsFunction", "Arn"] }