Merge pull request #317 from bucha09/patch-1

Add custom role to cloudwatch event which trigger step functions
serverless-operations · Apr 2, 2020 · 3a57548 · 3a57548
2 parents 3172e2b + bab4302
commit 3a57548
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -42,6 +42,7 @@ This is the Serverless Framework plugin for AWS Step Functions.
          - [Specify Input or Inputpath](#specify-input-or-inputpath)
          - [Specifying a Description](#specifying-a-description)
          - [Specifying a Name](#specifying-a-name)
+         - [Specifying a RoleArn](#specifying-a-rolearn)
          - [Specifying a custom CloudWatch EventBus](#specifying-a-custom-cloudwatch-eventbus)
  - [Tags](#tags)
  - [Commands](#commands)
@@ -1001,6 +1002,33 @@ stepFunctions:
         ...
 ```
 
+#### Specifying a RoleArn
+
+You can also specify a CloudWatch Event RoleArn.
+The Amazon Resource Name (ARN) of the role that is used for target invocation.
+
+Required: No
+
+```yml
+stepFunctions:
+  stateMachines:
+    cloudwatchEvent:
+      events:
+        - cloudwatchEvent:
+            name: 'my-cloudwatch-event-name'
+            iamRole: 'arn:aws:iam::012345678910:role/Events-InvokeStepFunctions-Role'
+            event:
+              source:
+                - "aws.ec2"
+              detail-type:
+                - "EC2 Instance State-change Notification"
+              detail:
+                state:
+                  - pending
+      definition:
+        ...
+```
+
 #### Specifying a custom CloudWatch EventBus
 
 You can choose which CloudWatch Event bus to listen to:

diff --git a/lib/deploy/events/cloudWatchEvent/compileCloudWatchEventEvents.js b/lib/deploy/events/cloudWatchEvent/compileCloudWatchEventEvents.js
@@ -22,6 +22,7 @@ module.exports = {
             let Description;
             let Name;
             let EventBusName;
+            let IamRole;
 
             if (typeof eventRule === 'object') {
               if (!eventRule.event) {
@@ -43,6 +44,7 @@ module.exports = {
               Description = eventRule.description;
               Name = eventRule.name;
               EventBusName = eventRule.eventBusName;
+              IamRole = eventRule.iamRole;
 
               if (Input && InputPath) {
                 const errorMessage = [
@@ -92,12 +94,12 @@ module.exports = {
                     ${InputPath ? `"InputPath": "${InputPath.replace(/\r?\n/g, '')}",` : ''}
                     "Arn": { "Ref": "${stateMachineLogicalId}" },
                     "Id": "${cloudWatchId}",
-                    "RoleArn": {
+                    ${IamRole ? `"RoleArn":"${IamRole}"` : `"RoleArn": {
                       "Fn::GetAtt": [
                         "${cloudWatchIamRoleLogicalId}",
                         "Arn"
                       ]
-                    }
+                    }`}
                   }]
                 }
               }
@@ -146,12 +148,18 @@ module.exports = {
               [cloudWatchLogicalId]: JSON.parse(cloudWatchEventRuleTemplate),
             };
 
-            const newPermissionObject = {
-              [cloudWatchIamRoleLogicalId]: JSON.parse(iamRoleTemplate),
-            };
+            const objectsToMerge = [newCloudWatchEventRuleObject];
+
+            if (!IamRole) {
+              const newPermissionObject = {
+                [cloudWatchIamRoleLogicalId]: JSON.parse(iamRoleTemplate),
+              };
+
+              objectsToMerge.push(newPermissionObject);
+            }
 
             _.merge(this.serverless.service.provider.compiledCloudFormationTemplate.Resources,
-              newCloudWatchEventRuleObject, newPermissionObject);
+              ...objectsToMerge);
           }
         });
       }