1+ {
2+ "AWSTemplateFormatVersion": "2010-09-09",
3+ "Description": "Buiding a Dynamic DNS for Route 53 using Cloudwatch Events and Lambda based on https://github.com/awslabs/aws-lambda-ddns-function",
4+ "Parameters": {
5+ "LambdaBucketName": {
6+ "Description": "Name of S3 Bucket for where Lambda function zip files are uploaded to",
7+ "Type": "String",
8+ "MinLength": "3"
9+ }
10+ },
11+ "Resources": {
12+ "ddnslambdarole": {
13+ "Type": "AWS::IAM::Role",
14+ "Properties": {
15+ "AssumeRolePolicyDocument": {
16+ "Version": "2012-10-17",
17+ "Statement": [
18+ {
19+ "Sid": "",
20+ "Effect": "Allow",
21+ "Principal": {
22+ "Service": "lambda.amazonaws.com"
23+ },
24+ "Action": "sts:AssumeRole"
25+ }
26+ ]
27+ },
28+ "RoleName": "ddns-lambda-role",
29+ "Policies": [
30+ {
31+ "PolicyName": "ddns-lambda-role",
32+ "PolicyDocument": {
33+ "Version": "2012-10-17",
34+ "Statement": [
35+ {
36+ "Effect": "Allow",
37+ "Action": "ec2:Describe*",
38+ "Resource": "*"
39+ },
40+ {
41+ "Effect": "Allow",
42+ "Action": [
43+ "dynamodb:*"
44+ ],
45+ "Resource": "*"
46+ },
47+ {
48+ "Effect": "Allow",
49+ "Action": [
50+ "logs:CreateLogGroup",
51+ "logs:CreateLogStream",
52+ "logs:PutLogEvents"
53+ ],
54+ "Resource": "*"
55+ },
56+ {
57+ "Effect": "Allow",
58+ "Action": [
59+ "route53:*"
60+ ],
61+ "Resource": [
62+ "*"
63+ ]
64+ }
65+ ]
66+ }
67+ }
68+ ]
69+ }
70+ },
71+ "ddnslambda": {
72+ "Type": "AWS::Lambda::Function",
73+ "Properties": {
74+ "Handler": "union.lambda_handler",
75+ "FunctionName": "ddns_lambda",
76+ "Description": "Create A and PTR records for Private Hosted Zone for EC2 instance launches",
77+ "Role": {
78+ "Fn::GetAtt": [
79+ "ddnslambdarole",
80+ "Arn"
81+ ]
82+ },
83+ "Code": {
84+ "S3Bucket": {
85+ "Ref": "LambdaBucketName"
86+ },
87+ "S3Key": "union.py.zip"
88+ },
89+ "Runtime": "python2.7",
90+ "Timeout": "30"
91+ }
92+ },
93+ "DdnsRule": {
94+ "Type": "AWS::Events::Rule",
95+ "Properties": {
96+ "Description": "trigger whenever CloudWatch detects a change to the state of an EC2 instance",
97+ "Name": "ec2_lambda_ddns_rule",
98+ "EventPattern": {
99+ "source": [
100+ "aws.ec2"
101+ ],
102+ "detail-type": [
103+ "EC2 Instance State-change Notification"
104+ ],
105+ "detail": {
106+ "state": [
107+ "running",
108+ "shutting-down",
109+ "stopped"
110+ ]
111+ }
112+ },
113+ "State": "ENABLED",
114+ "Targets": [
115+ {
116+ "Arn": {
117+ "Fn::GetAtt": [
118+ "ddnslambda",
119+ "Arn"
120+ ]
121+ },
122+ "Id": "TargetFunctionV1"
123+ }
124+ ]
125+ }
126+ },
127+ "PermissionForEventsToInvokeLambda": {
128+ "Type": "AWS::Lambda::Permission",
129+ "Properties": {
130+ "FunctionName": {
131+ "Ref": "ddnslambda"
132+ },
133+ "Action": "lambda:InvokeFunction",
134+ "Principal": "events.amazonaws.com",
135+ "SourceArn": {
136+ "Fn::GetAtt": [
137+ "DdnsRule",
138+ "Arn"
139+ ]
140+ }
141+ }
142+ }
143+ },
144+ "Outputs": {}
145+ }
0 commit comments