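---
# SAM template describing the architecture of this serverless application.
# https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-template-basics.html

# AWSTemplateFormatVersion identifies the capabilities of the template.
# Quoted so that generic YAML tooling (linters, scanners) reads it as a
# string rather than inferring a date.
# https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/format-version-structure.html
AWSTemplateFormatVersion: '2010-09-09'

Description: >-
  The main AWS CloudFormation stack to integrate features with SugarCRM.

# Transform lists the macros CloudFormation uses to process the template;
# the SAM transform expands the AWS::Serverless::* resources declared below.
# https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-section-structure.html
Transform:
  - AWS::Serverless-2016-10-31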
# Console presentation only: groups the stack parameters under labelled
# headings in the CloudFormation "Specify stack details" form. Nothing here
# affects which resources are created.
Metadata:
  AWS::CloudFormation::Interface:
    ParameterGroups:
      # Where the packaged Lambda code is stored.
      - Label:
          default: S3 Bucket
        Parameters:
          - InstallationS3BucketName
          - InstallationFile
      # Sugar endpoint and the secret holding its credentials.
      - Label:
          default: Sugar Instance
        Parameters:
          - SugarURL
          - SugarSecretARN
      # Feature: chat window in Sugar Portal.
      - Label:
          default: Sugar Portal Chat
        Parameters:
          - EnableSugarPortalChat
          - AmazonConnectInstanceID
          - ContactFlowID
      # Feature: call recording links saved in Sugar.
      - Label:
          default: Call Recording Link
        Parameters:
          - EnableCallRecordingLink
          - AWSConnectInstanceName
          - AWSConnectDomain
          - CallRecordingPartialURL
      # Feature: call transcripts saved in Sugar.
      - Label:
          default: Call Transcript Upload
        Parameters:
          - EnableCallTranscriptUpload
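# Stack parameters supplied at deploy time. Several are forwarded to the
# Lambda functions as environment variables (see Resources).
#
# The three Enable* switches are Type: String and the Conditions section
# compares them with the string 'true', so their AllowedValues are quoted:
# an unquoted true/false is a YAML boolean, not the string the rest of the
# template works with.
Parameters:
  # NOTE(review): InstallationS3BucketName and InstallationFile are not
  # referenced by any resource visible in this template - presumably they are
  # consumed by packaging or by a wrapping stack; confirm.
  InstallationS3BucketName:
    Type: String
    Description: The S3 bucket containing the files needed by this template.
  InstallationFile:
    Type: String
    Description: >-
      The path to the installation file located in your S3 bucket (e.g. "my/path/Lambda-v1.0.zip").

  EnableSugarPortalChat:
    Type: String
    Default: 'false'
    Description: Turn this on to allow the chat window to be enabled in Sugar Portal.
    AllowedValues:
      - 'true'
      - 'false'
  EnableCallRecordingLink:
    Type: String
    Default: 'false'
    Description: >-
      Turn this on to save call recording links in Sugar. Call recording must be enabled
      in Amazon Connect to use this feature.
    AllowedValues:
      - 'true'
      - 'false'
  EnableCallTranscriptUpload:
    Type: String
    Default: 'false'
    Description: >-
      Turn this on to save call transcripts in Sugar. Call recording and Contact Lens must
      be enabled in Amazon Connect to use this feature.
    AllowedValues:
      - 'true'
      - 'false'

  # Only the ARN is passed around; the credentials themselves stay in
  # Secrets Manager and never appear as a parameter value.
  SugarSecretARN:
    Type: String
    Description: The ARN of the secret that holds credentials to your Sugar instance.
  # NOTE(review): no AllowedPattern constrains this value. If the handlers
  # send the Sugar credentials to this URL, consider restricting it to
  # https:// so they cannot be pointed at a plaintext endpoint - confirm
  # against the handler code before tightening.
  SugarURL:
    Type: String
    Description: The URL of your Sugar instance.

  AWSConnectInstanceName:
    Type: String
    Description: >-
      The name of your Amazon Connect instance. For example, in the Amazon
      Connect URL "https://example.awsapps.com/connect/ccp-v2", the instance name
      is "example".
  AWSConnectDomain:
    Type: String
    Description: The domain name of your AWS Connect instance (e.g "example.com").
  CallRecordingPartialURL:
    Type: String
    Default: '/connect/get-recording?format=mp3&callLegId='
    Description: >-
      The partial URL used to construct call recording links. This value should not be
      changed unless AWS updates how call recording links are generated.

  ContactFlowID:
    Type: String
    Description: >-
      The ID of the contact flow you wish to use in the Sugar Portal chat. If a contact flow's
      ARN is "arn:aws:connect:us-west-2:123456789012:instance/1111/contact-flow/2222", the
      contact flow ID is "2222".
  # Also interpolated into the IAM resource ARNs of the StartChat execution
  # role, so it scopes what that role may call connect:StartChatContact on.
  AmazonConnectInstanceID:
    Type: String
    Description: >-
      The ID of your Amazon Connect instance. If your instance ARN is
      "arn:aws:connect:us-west-2:123456789012:instance/1111", the instance ID is "1111".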
# Conditions gate which resources are created. Three feature switches are
# derived from the Enable* parameters; every per-resource condition below is
# an alias of one of them, so a disabled feature creates no functions, roles
# or API for that feature.
Conditions:
  # Feature switches: true only when the parameter is the string 'true'.
  ShouldEnableSugarPortalChat: !Equals
    - !Ref EnableSugarPortalChat
    - 'true'
  ShouldEnableCallRecordingLink: !Equals
    - !Ref EnableCallRecordingLink
    - 'true'
  ShouldEnableCallTranscriptUpload: !Equals
    - !Ref EnableCallTranscriptUpload
    - 'true'

  # Sugar Portal chat: four functions, the StartChat role and its API.
  ShouldInstallCreateCaseFunction: !Condition ShouldEnableSugarPortalChat
  ShouldInstallAddNoteToCaseFunction: !Condition ShouldEnableSugarPortalChat
  ShouldInstallCaseStatusFunction: !Condition ShouldEnableSugarPortalChat
  ShouldInstallLexGetStringFunction: !Condition ShouldEnableSugarPortalChat
  ShouldInstallStartChatFunction: !Condition ShouldEnableSugarPortalChat
  ShouldInstallStartChatLambdaExecutionRole: !Condition ShouldEnableSugarPortalChat
  ShouldInstallStartChatApiGateway: !Condition ShouldEnableSugarPortalChat

  # Call transcript upload and call recording link: one function each.
  ShouldInstallSaveCallTranscriptFunction: !Condition ShouldEnableCallTranscriptUpload
  ShouldInstallCallRecordingFunction: !Condition ShouldEnableCallRecordingLink

  # The shared S3/CloudWatch role is needed as soon as either of the two
  # functions that reference it is installed.
  ShouldInstallS3CloudwatchLambdaExecutionRole: !Or
    - !Condition ShouldInstallSaveCallTranscriptFunction
    - !Condition ShouldInstallCallRecordingFunction
# Resources declares the AWS resources included in the stack.
# https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/resources-section-structure.html
#
# Review notes (permissions are reproduced unchanged; tighten after checking
# what the handlers actually need):
#   1. SecretsManagerReadWrite is an AWS managed policy that is not scoped to
#      SugarSecretARN. If a handler only reads that one secret, the SAM policy
#      template AWSSecretsManagerGetSecretValuePolicy with
#      SecretArn: !Ref SugarSecretARN is the least-privilege equivalent.
#   2. s3CloudwatchLambdaExecutionRole attaches AmazonS3FullAccess and
#      CloudWatchLogsFullAccess, which cover every bucket and log group in the
#      account; an inline policy limited to the Connect recording/transcript
#      bucket and the functions' own log groups would bound the blast radius.
#   3. StartChatApiGateway sets no Auth, and the StartChat event sets none
#      either, so no authorizer is configured in this template for POST /.
#   4. Every function pins Runtime nodejs18.x; check it against the current
#      Lambda runtime support policy before deploying.
Resources:
  # Each Lambda function is defined by the AWS::Serverless::Function properties:
  # https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction

  # Source: create-case.js. Creates a case in Sugar.
  CreateCaseFunction:
    Type: AWS::Serverless::Function
    Condition: ShouldInstallCreateCaseFunction
    Properties:
      Description: A Lambda function that creates a case.
      Handler: src/handlers/create-case.createCaseHandler
      Runtime: nodejs18.x
      MemorySize: 128
      Timeout: 100
      Environment:
        Variables:
          region: !Ref AWS::Region
          secretManagerArn: !Ref SugarSecretARN
          sugarUrl: !Ref SugarURL
      Policies:
        # CloudWatch Logs write access for the function.
        - AWSLambdaBasicExecutionRole
        # NOTE(review): broader than one secret - see review note 1.
        - SecretsManagerReadWrite

  # Source: add-note-to-case.js. Adds a note to an existing case.
  AddNoteToCaseFunction:
    Type: AWS::Serverless::Function
    Condition: ShouldInstallAddNoteToCaseFunction
    Properties:
      Description: A Lambda function that adds a note to a case.
      Handler: src/handlers/add-note-to-case.handler
      Runtime: nodejs18.x
      MemorySize: 128
      Timeout: 100
      Environment:
        Variables:
          region: !Ref AWS::Region
          secretManagerArn: !Ref SugarSecretARN
          sugarUrl: !Ref SugarURL
      Policies:
        # CloudWatch Logs write access for the function.
        - AWSLambdaBasicExecutionRole
        # NOTE(review): broader than one secret - see review note 1.
        - SecretsManagerReadWrite

  # Source: case-status.js. Looks up a case status by case number.
  CaseStatusFunction:
    Type: AWS::Serverless::Function
    Condition: ShouldInstallCaseStatusFunction
    Properties:
      Description: AWS Lambda Function to get case status by case number
      Handler: src/handlers/case-status.handler
      Runtime: nodejs18.x
      MemorySize: 128
      Timeout: 60
      Environment:
        Variables:
          region: !Ref AWS::Region
          secretManagerArn: !Ref SugarSecretARN
          sugarUrl: !Ref SugarURL
      Policies:
        # CloudWatch Logs write access for the function.
        - AWSLambdaBasicExecutionRole
        # NOTE(review): broader than one secret - see review note 1.
        - SecretsManagerReadWrite

  # Source: lex-get-string.js. Receives no Sugar settings and no secret
  # access: its only policy is the basic execution (logging) policy.
  LexGetStringFunction:
    Type: AWS::Serverless::Function
    Condition: ShouldInstallLexGetStringFunction
    Properties:
      Description: AWS Lambda Function to be called by Lex to return whole input
      Handler: src/handlers/lex-get-string.handler
      Runtime: nodejs18.x
      MemorySize: 128
      Timeout: 60
      Policies:
        - AWSLambdaBasicExecutionRole

  # Saves call transcripts to Sugar. The description mentions an S3 trigger,
  # but no Events entry is declared here, so the trigger is presumably wired
  # up outside this template - confirm.
  SaveCallTranscriptFunction:
    Type: AWS::Serverless::Function
    Condition: ShouldInstallSaveCallTranscriptFunction
    Properties:
      Description: AWS Lambda Function to save call transcripts based on S3 Trigger
      Handler: src/handlers/save-transcript.handler
      Runtime: nodejs18.x
      MemorySize: 128
      Timeout: 60
      # Explicit role instead of SAM-generated policies; see review note 2.
      Role: !GetAtt s3CloudwatchLambdaExecutionRole.Arn
      Environment:
        Variables:
          region: !Ref AWS::Region
          secretManagerArn: !Ref SugarSecretARN
          sugarUrl: !Ref SugarURL

  # Acts on call recordings; also receives the Connect instance name, domain
  # and partial URL parameters as environment variables.
  CallRecordingFunction:
    Type: AWS::Serverless::Function
    Condition: ShouldInstallCallRecordingFunction
    Properties:
      Description: AWS Lambda Function to perform actions on the call recording
      Handler: src/handlers/call-recording.handler
      Runtime: nodejs18.x
      MemorySize: 128
      Timeout: 60
      # Same shared role as SaveCallTranscriptFunction; see review note 2.
      Role: !GetAtt s3CloudwatchLambdaExecutionRole.Arn
      Environment:
        Variables:
          region: !Ref AWS::Region
          secretManagerArn: !Ref SugarSecretARN
          sugarUrl: !Ref SugarURL
          awsConnectInstance: !Ref AWSConnectInstanceName
          awsConnectDomain: !Ref AWSConnectDomain
          callRecordingPartialUrl: !Ref CallRecordingPartialURL

  # Starts an Amazon Connect chat when POST / is called on StartChatApiGateway.
  StartChatFunction:
    Type: AWS::Serverless::Function
    Condition: ShouldInstallStartChatFunction
    Properties:
      Description: AWS Lambda Function to start chat from incoming API call
      Handler: src/handlers/start-chat.handler
      Runtime: nodejs18.x
      MemorySize: 128
      Timeout: 60
      Role: !GetAtt StartChatLambdaExecutionRole.Arn
      Environment:
        Variables:
          instanceId: !Ref AmazonConnectInstanceID
          contactFlowId: !Ref ContactFlowID
      Events:
        GetRoot:
          Type: Api
          Properties:
            # NOTE(review): no Auth on this event or on the API - review note 3.
            RestApiId: !Ref StartChatApiGateway
            Path: /
            Method: post

  # Shared execution role for SaveCallTranscriptFunction and
  # CallRecordingFunction. Assumable only by the Lambda service.
  s3CloudwatchLambdaExecutionRole:
    Type: AWS::IAM::Role
    Condition: ShouldInstallS3CloudwatchLambdaExecutionRole
    Properties:
      Path: '/'
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: 'Allow'
            Principal:
              Service:
                - 'lambda.amazonaws.com'
            Action:
              - 'sts:AssumeRole'
      # NOTE(review): four account-wide managed policies; none is limited to
      # the bucket, log groups or secret this stack uses - review notes 1, 2.
      ManagedPolicyArns:
        - 'arn:aws:iam::aws:policy/AmazonS3FullAccess'
        - 'arn:aws:iam::aws:policy/CloudWatchLogsFullAccess'
        - 'arn:aws:iam::aws:policy/AWSLambdaExecute'
        - 'arn:aws:iam::aws:policy/SecretsManagerReadWrite'

  # Execution role for StartChatFunction. Uses an inline policy scoped by
  # ARN rather than managed policies.
  StartChatLambdaExecutionRole:
    Type: AWS::IAM::Role
    Condition: ShouldInstallStartChatLambdaExecutionRole
    Properties:
      Path: '/'
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: 'Allow'
            Principal:
              Service:
                - 'lambda.amazonaws.com'
            Action:
              - 'sts:AssumeRole'
      Policies:
        - PolicyName: start-chat-contact-execution-policy
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              # Logging: limited to /aws/lambda/* log groups in this
              # account and region.
              - Effect: 'Allow'
                Action:
                  - 'logs:CreateLogGroup'
                  - 'logs:CreateLogStream'
                  - 'logs:PutLogEvents'
                Resource:
                  - !Sub 'arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/*'
              # Chat: one action, limited to the configured Connect instance
              # and the resources beneath it.
              - Effect: 'Allow'
                Action:
                  - 'connect:StartChatContact'
                Resource:
                  - !Sub 'arn:${AWS::Partition}:connect:${AWS::Region}:${AWS::AccountId}:instance/${AmazonConnectInstanceID}'
                  - !Sub 'arn:${AWS::Partition}:connect:${AWS::Region}:${AWS::AccountId}:instance/${AmazonConnectInstanceID}/*'

  # REST API in front of StartChatFunction.
  # NOTE(review): only StageName is set. If the portal has to call this
  # endpoint without credentials, consider throttling (MethodSettings), a
  # restrictive Cors setting and access logging (AccessLogSetting) so that
  # chat-start requests are rate-bounded and attributable - review note 3.
  StartChatApiGateway:
    Type: AWS::Serverless::Api
    Condition: ShouldInstallStartChatApiGateway
    Properties:
      StageName: Prod