Skip to content

Commit c89d60a

Browse files
christiangdachristiangda
authored
Merge pull request #263 from mr-yum/sean/additonal-parameters
Allow customisation of additional template fields
2 parents 6865f2c + f9bd6e6 commit c89d60a

File tree

1 file changed

+21
-4
lines changed

1 file changed

+21
-4
lines changed

template.yaml

Lines changed: 21 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,9 @@ Metadata:
2121
- ScheduleExpression
2222
- MemorySize
2323
- Timeout
24+
- LogGroupName
2425
- LogGroupRetentionDays
26+
- RoleNameSuffix
2527
- Label:
2628
default: "State File - Configuration"
2729
Parameters:
@@ -192,6 +194,11 @@ Parameters:
192194
MaxValue: 900
193195
MinValue: 3
194196

197+
LogGroupName:
198+
Type: String
199+
Description: The name of the CloudWatch log group
200+
Default: "/aws/lambda/idp-scim-sync"
201+
195202
LogGroupRetentionDays:
196203
Type: Number
197204
Description: The number of days you want to keep logs for the created lambda function
@@ -243,13 +250,23 @@ Parameters:
243250
Reference: https://docs.aws.amazon.com/lambda/latest/dg/configuration-console.html
244251
Default: bootstrap
245252

253+
RoleNameSuffix:
254+
Type: String
255+
Description: Suffix to apply to IAM to avoid conflicts when multiple stacks are running in the same account
256+
Default: ""
257+
258+
LambdaFunctionName:
259+
Type: String
260+
Description: Name of the created Lambda function
261+
Default: "idp-scim-sync"
262+
246263
Resources:
247264
LambdaFunction:
248265
Type: AWS::Serverless::Function
249266
DependsOn:
250267
- LambdaFunctionLogGroup
251268
Properties:
252-
FunctionName: idp-scim-sync
269+
FunctionName: !Ref LambdaFunctionName
253270
Description: |
254271
This Lambda function will sync the AWS SSO groups and users with the Google Workspace directory and it will be triggered by an EventBridge rule.
255272
Project: https://github.com/slashdevops/idp-scim-sync
@@ -288,7 +305,7 @@ Resources:
288305
Type: AWS::IAM::Role
289306
Properties:
290307
Description: !Sub "This role is used by the Lambda function ${AWS::StackName}"
291-
RoleName: !Sub "serverless-idp-scim-sync-${AWS::AccountId}-${AWS::Region}"
308+
RoleName: !Sub "serverless-idp-scim-sync-${AWS::AccountId}-${AWS::Region}${RoleNameSuffix}"
292309
Path: /
293310
AssumeRolePolicyDocument:
294311
Statement:
@@ -431,7 +448,7 @@ Resources:
431448
- Sid: AllowAWSLambdaFunction
432449
Principal:
433450
AWS:
434-
- !Sub "arn:aws:iam::${AWS::AccountId}:role/serverless-idp-scim-sync-${AWS::AccountId}-${AWS::Region}"
451+
- !Sub "arn:aws:iam::${AWS::AccountId}:role/serverless-idp-scim-sync-${AWS::AccountId}-${AWS::Region}${RoleNameSuffix}"
435452
Effect: Allow
436453
Action:
437454
- s3:GetObject
@@ -477,7 +494,7 @@ Resources:
477494
LambdaFunctionLogGroup:
478495
Type: AWS::Logs::LogGroup
479496
Properties:
480-
LogGroupName: "/aws/lambda/idp-scim-sync"
497+
LogGroupName: !Ref LogGroupName
481498
RetentionInDays: !Ref LogGroupRetentionDays
482499

483500
Outputs:

0 commit comments

Comments
 (0)