This repository has been archived by the owner on Dec 5, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtemplate.yaml
215 lines (215 loc) · 9.05 KB
/
template.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
AWSTemplateFormatVersion: 2010-09-09
Transform: AWS::Serverless-2016-10-31
Description: Create resources to delete old Formstack forms and submissions on a daily basis, in compliance with GDPR.
Parameters:
Stage:
Description: Lambda stage.
Type: String
AllowedValues:
- PROD # only PROD currently supported since there isn't a CODE Formstack environment
DistributionBucket:
Type: AWS::SSM::Parameter::Value<String>
Default: /account/services/artifact.bucket
FormstackAccountIdAccount1:
Description: Id of the first Formstack account.
Type: AWS::SSM::Parameter::Value<String>
Default: /PROD/formstack/delete-expired-formstack-data/FormstackAccountIdAccount1
FormstackAccessTokenAccount1:
Description: Used to authenticate against the Formstack API for account one.
Type: AWS::SSM::Parameter::Value<String>
Default: /PROD/formstack/delete-expired-formstack-data/FormstackAccessTokenAccount1
FormstackEncryptionPasswordAccount1:
Description: Used to decrypt Formstack submissions for account 1.
Type: AWS::SSM::Parameter::Value<String>
Default: /PROD/formstack/delete-expired-formstack-data/FormstackEncryptionPasswordAccount1
FormstackAccountIdAccount2:
Description: Id of the second Formstack account.
Type: AWS::SSM::Parameter::Value<String>
Default: /PROD/formstack/delete-expired-formstack-data/FormstackAccountIdAccount2
FormstackAccessTokenAccount2:
Description: Used to authenticate against the Formstack API for account 2.
Type: AWS::SSM::Parameter::Value<String>
Default: /PROD/formstack/delete-expired-formstack-data/FormstackAccessTokenAccount2
FormstackEncryptionPasswordAccount2:
Description: Used to decrypt Formstack submissions for account 2.
Type: AWS::SSM::Parameter::Value<String>
Default: /PROD/formstack/delete-expired-formstack-data/FormstackEncryptionPasswordAccount2
AlarmTopic:
Description: ARN of SNS topic to send messages to when a Formstack alarm transitions to the Alarm state.
Type: String
Default: /PROD/formstack/delete-expired-formstack-data/AlarmTopic
Resources:
FormDeletionLambda:
Type: AWS::Serverless::Function
Properties:
CodeUri:
Bucket: !Ref DistributionBucket
Key: !Sub ${Stage}/delete-expired-formstack-data-lambdas/app.jar
Description: Lambda to delete old Formstack forms
Events:
DailyInvocationAccount1:
Type: Schedule
Properties:
Description: Invoke the lambda to delete expired Formstack forms for account 1 daily at 10am.
Input: !Sub >
{
"formstackAccountId": "${FormstackAccountIdAccount1}",
"formstackAccessToken": "${FormstackAccessTokenAccount1}",
"formstackEncryptionPassword": "${FormstackEncryptionPasswordAccount1}",
"isDryRun": true
}
Schedule: cron(0 10 * * ? *)
DailyInvocationAccount2:
Type: Schedule
Properties:
Description: Invoke the lambda to delete expired Formstack forms for account 2 daily at 10am.
Input: !Sub >
{
"formstackAccountId": "${FormstackAccountIdAccount2}",
"formstackAccessToken": "${FormstackAccessTokenAccount2}",
"formstackEncryptionPassword": "${FormstackEncryptionPasswordAccount2}",
"isDryRun": true
}
Schedule: cron(0 10 * * ? *)
FunctionName: !Sub formstack-form-deletion-lambda-${Stage}
Handler: com.gu.formstack.handlers.FormstackFormDeletionHandler::handleRequest
MemorySize: 512
Runtime: java11
Timeout: 900
SubmissionDeletionLambda:
Type: AWS::Serverless::Function
Properties:
CodeUri:
Bucket: !Ref DistributionBucket
Key: !Sub ${Stage}/delete-expired-formstack-data-lambdas/app.jar
Description: Lambda to delete old Formstack submissions
# We want to invoke the lambda(s) for deleting forms submissions after the lambda(s) for deleting forms,
# since this will save on API requests to get and delete submissions.
Events:
DailyInvocationAccount1:
Type: Schedule
Properties:
Description: Invoke the lambda to delete expired Formstack submissions for account 1 daily at 11am.
Input: !Sub >
{
"formstackAccountId": "${FormstackAccountIdAccount1}",
"formstackAccessToken": "${FormstackAccessTokenAccount1}",
"formstackEncryptionPassword": "${FormstackEncryptionPasswordAccount1}",
"isDryRun": true
}
Schedule: cron(0 11 * * ? *)
DailyInvocationAccount2:
Type: Schedule
Properties:
Description: Invoke the lambda to delete expired Formstack submissions for account 2 daily at 11am.
Input: !Sub >
{
"formstackAccountId": "${FormstackAccountIdAccount2}",
"formstackAccessToken": "${FormstackAccessTokenAccount2}",
"formstackEncryptionPassword": "${FormstackEncryptionPasswordAccount2}",
"isDryRun": true
}
Schedule: cron(0 11 * * ? *)
FunctionName: !Sub formstack-submission-deletion-lambda-${Stage}
Handler: com.gu.formstack.handlers.FormstackSubmissionDeletionHandler::handleRequest
MemorySize: 256
Runtime: java11
Timeout: 900
# All we require is for the lambda for each account to be successfully invoked at least once per day (possibly after retries).
# Since it can be invoked successfully at most once per day, this requirement will NOT be met
# (i.e. we should trigger the alarm) if and only if there are < 2 successful invocations per day.
FormstackFormDeletionLambdaAlarm:
Type: AWS::CloudWatch::Alarm
Properties:
# Don't alarm whilst lambda is getting invoked in dry run mode.
ActionsEnabled: False
AlarmActions:
- !Ref AlarmTopic
AlarmDescription: >
Alarm if expired forms haven't been successfully deleted for both Formstack accounts.
Github repo: https://github.com/guardian/delete-expired-formstack-data
AlarmName: !Sub formstack-form-deletion-alarm-${Stage}
ComparisonOperator: LessThanThreshold
EvaluationPeriods: 1
# Have to use a MetricDataQuery since successes isn't a predefined metric.
# Alternatively could use a MetricFilter or a custom metric, but this is brittle / adds complexity (respectively).
Metrics:
- Id: invocations
Label: Lambda invocations
MetricStat:
Metric:
Dimensions:
- Name: FunctionName
Value: !Ref FormDeletionLambda
MetricName: Invocations
Namespace: AWS/Lambda
Period: 86400
Stat: Sum
Unit: Count
ReturnData: False
- Id: errors
Label: Lambda errors
MetricStat:
Metric:
Dimensions:
- Name: FunctionName
Value: !Ref FormDeletionLambda
MetricName: Errors
Namespace: AWS/Lambda
Period: 86400
Stat: Sum
Unit: Count
ReturnData: False
- Expression: invocations - errors
Id: successes
Label: Lambda successes
ReturnData: True
Threshold: 2
# Treat missing data as breaching so the alarm will trigger if the lambda isn't invoked for a given day.
TreatMissingData: breaching
# All comments for FormstackFormDeletionLambdaAlarm are also applicable for this alarm.
FormstackSubmissionDeletionLambdaAlarm:
Type: AWS::CloudWatch::Alarm
Properties:
ActionsEnabled: False
AlarmActions:
- !Ref AlarmTopic
AlarmDescription: >
Alarm if expired submissions haven't been successfully deleted for both Formstack accounts.
Github repo: https://github.com/guardian/delete-expired-formstack-data.
AlarmName: !Sub formstack-submission-deletion-alarm-${Stage}
ComparisonOperator: GreaterThanOrEqualToThreshold
EvaluationPeriods: 1
Metrics:
- Id: invocations
Label: Lambda invocations
MetricStat:
Metric:
Dimensions:
- Name: FunctionName
Value: !Ref SubmissionDeletionLambda
MetricName: Invocations
Namespace: AWS/Lambda
Period: 86400
Stat: Sum
Unit: Count
ReturnData: False
- Id: errors
Label: Lambda errors
MetricStat:
Metric:
Dimensions:
- Name: FunctionName
Value: !Ref SubmissionDeletionLambda
MetricName: Errors
Namespace: AWS/Lambda
Period: 86400
Stat: Sum
Unit: Count
ReturnData: False
- Expression: invocations - errors
Id: successes
Label: Lambda successes
ReturnData: True
Threshold: 2
TreatMissingData: breaching